• Deutsch

as of 04.01.2024

Who we are

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
Blackwave GmbH
Rotwandweg 8
82024 Taufkirchen
Germany
+49 176 30119805
info@blackwave.de
www.blackwave.de

Contacting the Data Protection Officer

The Data Protection Officer of the Controller is:
DataCo GmbH
Dachauer Str. 65
80335 Munich
Germany
+49 89 7400 45840
www.dataguard.de

On this page we inform you about the processing of your personal data on the website.

How we collect and use your personal information depends on how you interact with us or the services you use. We will only collect, use or share your personal information where we have a legitimate purpose and legal basis to do so.

What do we mean by legal basis?

consent (Art. 6 para. 1 sentence 1 lit. a GDPR)- You have given us your consent to process your personal data for the specific purpose that we have explained to you. You have the right to withdraw your consent at any time. For more information on how to withdraw your consent, please refer to the “Exercising Your Rights” subsections in the following sections of this Privacy Policy.

Contract (Art. 6 para. 1 sentence 1 lit. b GDPR) – We need to use your data to perform a contract you have with us. Alternatively, it is necessary to use your data because we asked you to do so or you yourself took certain steps before entering into this contract.

Legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) – We need to use your data to comply with the law.

vital interests (Art. 6 para. 1 sentence 1 lit. d GDPR) – The processing of your data is necessary to protect your vital interests or those of another person. For example, to protect you from serious physical harm.

Public task (Art. 6 para. 1 sentence 1 lit. e GDPR) – The processing of your data is necessary for the performance of a task carried out in the public interest or because it is covered by a task defined by law, e.g. for a statutory function.

Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) – The processing of your data is necessary to support a legitimate interest that we or another party have, only if your own interests do not prevail.

Please note that if your data is processed for the performance of a contract or legal obligation and you do not provide the requested data, we may not be able to provide you with our website services.

Data sharing and international transfer

As explained in this Privacy Policy, we use various service providers to help us provide our services and keep your information safe. When we use these service providers, it is necessary for us to share your personal data with them.

We have agreements in place with all service providers with whom we share your data, which oblige them to protect your data.

If your personal data is transferred outside the EU, we will ensure that your personal data receives an equivalent level of protection, either because the country to which your personal data is transferred
data has an “adequate” standard of data protection as defined by the European Commission, or by applying another safeguard, such as an extended contractual agreement, i.e. the Standard Contractual Clauses (SCCs) adopted by the European Commission.

For example, when we use U.S. service providers, we rely on either the SCC or the EU-US Data Privacy Framework, depending on the provider. You may request a copy of the SCCs we have entered into with our service providers by sending an email to the email address provided in this Privacy Policy.

Your rights

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

1. The right of access (Art. 15 GDPR)
You have the right to obtain confirmation from us as to whether or not personal data concerning you is being processed. If this is the case, you have the right to access this data and the following information:

    • processing purposes
    • categories of personal data
      Recipients or categories of recipients
    • Planned storage period or the criteria used to determine this period, the existence of the rights to
    • correction, deletion or restriction or objection
    • Right to lodge a complaint with the competent supervisory authority
    • If applicable, origin of the data (if collected from a third party)

If applicable, the existence of automated decision-making, including profiling, with meaningful
Information about the logic involved, the scope and the expected effects

  • If applicable, transfer of personal data to a third country or international organisation

2. Right to rectification (Art. 16 GDPR)
If your personal data is inaccurate or incomplete, you have the right to request that the personal data be corrected or supplemented without undue delay.

3. Right to restriction of processing (Art. 18 GDPR)
If one of the following conditions is met, you have the right to request that the processing of your personal data be restricted:

  • You contest the accuracy of your personal data for a period enabling us to verify the accuracy of the personal data.
  • In the context of unlawful processing, you oppose the erasure of the personal data and request the restriction of the use of the personal data instead.
  • We no longer need your personal data for the purposes of the processing, but you do need your personal data for the establishment, exercise or defence of your legal claims or
  • after you have objected to the processing, for the duration of the review of whether our legitimate grounds outweigh your reasons.
4. Right to erasure (“right to be forgotten”) (Art. 17 GDPR)

If one of the following reasons applies, you have the right to request the erasure of your personal data without undue delay:

  • Your data is no longer necessary for the purposes for which it was originally collected.
  • you withdraw your consent and there is no other legal basis for the processing.
  • you object to the processing and there are no overriding legitimate grounds for the processing or you object in accordance with Art. 21 (2) GDPR.
  • Your personal data is being unlawfully processed.
  • erasure is necessary to comply with a legal obligation under Union law or the law of the Member State to which we are subject.
  • The personal data has been collected in relation to information society services offered in accordance with Article 8(1) of the GDPR.

Please note that the above reasons do not apply to the extent that the processing is necessary:

  • To exercise the right to freedom of expression and information;
  • To comply with a legal obligation or to carry out a task that is in the public interest and to which we are subject.
    For reasons of public interest in the field of public health.
  • For archival purposes in the public interest, scientific or historical research purposes or for statistical purposes.
  • for the establishment, exercise or defence of legal claims.
5. Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller.

6. Right to object to certain data processing (Art. 21 GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data which is carried out on the basis of Art. 6 (1) sentence 1 (e) or (f) GDPR. This also applies to profiling based on these provisions.
If your personal data is processed for the purpose of direct marketing, we have the right to
you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is related to such direct marketing.

7. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR.

The supervisory authority to which the complaint has been lodged shall inform the complainant of:
the status and results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.

Provision of the website and creation of log files

1. Description and scope of data processing

Every time our website is accessed, our system automatically records
Data and information from the computer system of the accessing computer.

The following data is collected:

  •  information about the browser type and version used
  • The user’s operating system
  • date and time accessed
  • websites from which the user’s system reaches our website

This data is stored in the log files of our system.
This data is not stored together with other personal data of the user.

2. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session.

The data is stored in log files in order to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. In this context, the data is not evaluated for marketing purposes.

3. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 sentence 1 lit. f
GDPR.

4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or altered so that it is no longer possible to assign the calling client.

5. Exercising your rights
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. The user can object to this. Whether the objection is successful must be determined in the context of a balancing of interests.

Use of cookies

1. Description and scope of data processing
When you visit our website, we use technical aids for various functions, in particular cookies, which can be stored on your device. When you visit our website and at any time later, you have the choice of whether you want to allow the setting of cookies in general or which individual additional functions you would like to select. You can make changes in your browser settings or via our consent manager.

Cookies are text files or pieces of information in a database that are stored on your hard drive and associated with the browser you are using, so that certain information can flow to the entity that sets the cookie. Below we describe the type of cookies we use:

We use technically necessary cookies, which are necessary for the technical structure of the website. Without these cookies, our website cannot be displayed (completely correctly) or the support functions are not possible.

The following data is stored and transmitted by the technically necessary cookies:

  • language settings

We use cookies on our website that are not technically necessary. Text files that are not technically necessary are considered to be text files that not only serve the functionality of the website, but also collect other data.

By setting cookies that are not technically necessary, the following data is processed:

  • IP address

date and time the website was accessed
tracking of surfing behavior

2. Purpose of data processing
The purpose of using technically necessary cookies is to ensure the functionality of our website. Some functions of our website cannot be offered without the use of cookies. For this, it is necessary that the browser is recognized even after a page change.

We need the technically necessary cookies for the following applications:

  • transfer of language settings
  • Functionality of the website

The use of cookies that are not technically necessary is for the purpose of improving the quality of our website, its content and thus our reach and profitability. By setting these cookies, we learn how the website is used and can thus continuously optimize our offer. In particular, we use these cookies for the following purposes:

We use cookies that are not technically necessary to analyse website usage. The data obtained from this is used to optimize our website and advertising measures.

3. Legal basis for data processing
For the storage of information in the end-user’s terminal equipment and/or access to information already stored in the end-user’s terminal equipment, the provisions of the Telecommunications-Telemedia-Data Protection Act (TTDSG) are relevant. If the setting and reading
of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, the storage of and access to cookies on your terminal equipment is based on § 25 para. 2 no. 2 TTDSG. This storage and access to the information in your terminal equipment serves to make it easier for you to use our website and to be able to offer you our services as you have requested. Some functions of our website do not work without the use of these cookies and could therefore not be offered. The cookies are generally deleted at the end of the session (e.g. logging out or closing the browser) or after the expiry of a specified period of time. Information about different storage periods for cookies can be found in the following sections of this privacy policy.

If cookies are used that are not technically necessary, this is done on the basis of your explicit consent, which you can give via the cookie banner. In this case, the basis for storing and accessing information is § 25 (1) TTDSG in conjunction with Art. 6 (1) (a), Art. 7 GDPR. You can revoke your consent at any time with effect for the future or give it again retrospectively by configuring your cookie settings accordingly. Alternatively, you can prevent the storage of cookies by making the appropriate settings in your browser software. Please note that the browser settings you have made only apply to the browser you are using. If personal data is processed following the storage of and access to the information on your terminal equipment, the provisions of the GDPR apply. Information on this can be found in the following sections of this privacy policy.

email-contact

1. Description and scope of data processingng
On our website, it is possible to contact us via the email address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.
The data will be used exclusively for the processing of the conversation.

2. Purpose of data processing
In the case of contact by e-mail, this is also the necessary legitimate interest in the processing of the data.

3. Legal basis for data processing
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) (f) GDPR. Our legitimate interest is to respond to your enquiry that you send by e-mail in the best possible way.
If the e-mail contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 (1) (b) GDPR.

4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Exercising your rights
If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot continue.
In this case, all personal data stored in the course of contacting us will be deleted.

contact form

1. Description and scope of data processing
There is a contact form on our website, which can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored.

At the time the message is sent, the following data is stored:

  • email address
  • first name
  • pseudonym
  • date and time

2. Purpose of data processing
The processing of personal data from the input mask of the contact form or via the e-mail address provided serves us solely for the purpose of processing the contact.
The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

3. Legal basis for data processing
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest is to provide us with the best possible response to your enquiry, which you send to us via the contact form. If the e-mail contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b GDPR.

4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Exercising your rights
If the user contacts us via the input mask in the contact form, he can object to the storage of his personal data at any time, in the following way:
You can withdraw your consent at any time and object to the storage of your personal data. To do so, please send us an informal e-mail to info@blackwave.de.
In this case, all personal data stored in the course of contacting us will be deleted.

corporate appearances

Instagram:
Instagram, Part of Meta Platforms Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland

On our company page, we provide information and offer Instagram users the opportunity to communicate.

If you carry out an action on our Instagram company presence (e.g. comments, posts, likes, etc.) it may be that you have personal data (e.g. real name or photo of your user profile).

However, since we generally or largely have no influence on the processing of your personal data by Instagram, we cannot make any binding statements about the purpose and scope of the processing of your data.

We use our corporate presence in social networks for communication and exchange of information with (potential) customers. In particular, we use the corporate identity for:
Information, Recruiting & Customer acquisition.

The publications on the company’s website may contain the following content:

  •  information about products

information about services

Each user is free to publish personal data through activities.

Insofar as we process your personal data in order to evaluate your online behaviour, offer you competitions or carry out lead campaigns, this is done on the basis of your explicit declaration of consent, Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR.

The legal basis for the processing of personal data for the purpose of communicating with customers and interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest is to answer your enquiry in the best possible way or to be able to provide the requested information.
If the purpose of the contact is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) (b) GDPR.

The data generated by the company’s website is not stored in our own systems.

For the processing of your personal data in third countries, we have provided suitable safeguards in the form of standard data protection clauses in accordance with Art. 46 (2) (c) GDPR.

You can object to the processing of your personal data, which we collect in the context of your use of our Instagram corporate presence, at any time and change your consent under IV.
rights of data subject referred to in the Privacy Policy. To do so, send us an informal email to info@blackwave.de. You can find more information about the processing of your personal data by Instagram and the corresponding objection options here:

Instagram: https://help.instagram.com/519522125107875

Use of corporate presence in job-oriented networks

1. Scope of data processing
On our site, we provide information and offer users the opportunity to communicate.

The company’s website is used for applications, information/PR and active sourcing. We do not have any information on the processing of your personal data by the companies co-responsible for the company’s appearance. For more information, please refer to the privacy policy of:

  • LinkedIn

On our site, we provide information and offer users the opportunity to communicate.
The company’s website is used for applications, information/PR and active sourcing.

We do not have any information on the processing of your personal data by the companies co-responsible for the company’s appearance. For more information, please refer to the privacy policy of:

LinkedIn:
https://www.linkedin.com/legal/privacy-policy

If you carry out an action on our company website (e.g. Comments, Posts, Likes
etc.) it may be that you have personal data (e.g. real name or photo of your user profile).

2. Legal basis for data processing
The legal basis for the processing of personal data for the purpose of communicating with customers and interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest is to answer your enquiry in the best possible way or to be able to provide the requested information.

If the purpose of the contact is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) (b) GDPR.

3. Purpose of data processing
Our corporate identity serves us to inform users about our services. Each user is free to publish personal data through activities.

4 . Duration of storage
The data generated by the company’s website is not stored in our own systems.

5. Exercising your rights
You can object to the processing of your personal data, which we collect in the context of your use of our corporate identity, at any time and assert your rights as a data subject mentioned under IV. of this data protection declaration. To do so, please send us an informal e-mail to the e-mail address given in this privacy policy.

You can find more information on how to exercise your rights here:

LinkedIn:
https://www.linkedin.com/legal/privacy-policy

Hosting

The website is hosted on servers by a service provider commissioned by us.

Our service provider is: Siteground of SiteGround Spain S.L., Calle de Prim 19, 28004 Madrid, Spain.

For more information, please refer to the provider’s privacy policy: https://de.siteground.com/privacy.htm

The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:

  • information about the browser type and version used
  • The user’s operating system
  • date and time accessed
  • websites from which the user’s system reaches our website

This data is not combined with other data sources. This data is collected on the basis of Art. 6 (1) (f) GDPR. Our legitimate interest in processing this data is to display our website without errors and to optimize its functions.

The website server is geographically located in the European Union (EU) or the European Economic Area (EEA).

geotargeting

We use the IP address and other information provided by the user (in particular postal code as part of registration or ordering) for the purpose of regional target group targeting (so-called “geotargeting”).

For example, regional targeting is used to automatically show you regional offers or advertisements that are often more relevant to users. The legal basis for the use of the IP address and, if applicable, other information provided by the user (in particular postal code) is Art. 6 (1) (f) GDPR, based on our interest in ensuring a more precise target group approach and thus providing offers and advertising with greater relevance for users.

In this case, part of the IP address as well as the additional information provided by the user (in particular postal code) are only read and not stored separately.
You can prevent geotargeting, for example, by using a VPN or proxy server that prevents accurate localization. In addition, depending on the browser you are using, you can also deactivate location localization in the corresponding browser settings (if the respective browser supports this).
We use geotargeting on our website for the following purposes:

  • customer approach
Third-Party Integrated Services

We use various service providers to provide the services we offer on the website.

In general, we have a legitimate interest in sharing your data with the relevant service providers where these services are essential to providing the basic service offered on the website in order to provide the relevant website service.

If such services are necessary for additional services, enhanced features, or additional purposes, your personal information will only be shared with service providers if you provide your consent.

Use of Contact Form 7

1. Scope of processing of personal data
We use the WordPress plugin Contact Form 7 from RockLobster LLC., Sakai 810-0001 Fukuoka Prefecture Chuo-ku Tenjin 1-chome 8-1, Fukuoka City Hall, Japan (hereinafter: RockLobster) to manage contact forms on our online presence. Entered form data will be transmitted by e-mail. In this way, personal data can be stored and evaluated, in particular the user’s activity (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular the IP address and the operating system). In doing so, data may be transmitted to RockLobster servers in Japan. As far as Japan is concerned, the European Union has taken an adequacy decision.
You can find it here:
https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=OJ:L:2019:076:TOC

Further information on the processing of data by Contact Form 7 can be found here: https://contactform7.com/privacy-policy/

2. Purpose of data processing
The use of the Contact Form 7 plugin serves to improve the user-friendliness of our online presence. We use this plug-in to be able to easily create, integrate and display contact forms in an appealing way.

3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage
Your personal information will be retained for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, such as for tax and accounting purposes.

5. Exercising your rights
You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal.
You can prevent the collection and processing of your personal data by Contact Form 7 by preventing third-party cookies from being stored on your computer, by using the “Do Not Track” function of a supporting browser, by disabling the execution of script code in your browser, or by disabling a script blocker such as NoScript (https:// noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

For more information on how to object and remedy Contact Form 7, see https://contactform7.com/privacy-policy/

Use of Google Analytics 4 (GA 4)

1 . Scope of processing of personal data
We use Google Analytics, a web analytics service provided by Google LLC, the European representative is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google).
Google Analytics examines, among other things, how the website visitor uses our site. Google places cookies on your device. During the visit, user behavior is recorded in the form of “events”. In this way, personal data can be stored and evaluated, including:

  • first visit to the website
  • interaction with the website, usage path clicks on external links
  • video usage
  •  filedownloads
  • ad impressions and clicks
  • scroll behavior (when to bottom of page)
  • site searches
  • language selection
  • page visits
  • location (region)
  • Your IP address (in abbreviated form)
  • technical information about your browser and those of you devices used (e.g. language setting, screen resolution)
  • Your Internet Service Provider
  •  Referrer-URL
  •  

By default, GA 4 has IP address anonymization enabled. This means that your IP address will be shortened by Google within the member states of the European Union or other contracting states of the Agreement on the European Economic Area. Exceptionally, only in rare cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google states that the IP address transmitted by your browser will not be merged with other Google data as part of Google Analytics.
Further information on the processing of data by Google can be found here: https://policies.google.com/privacy

2. Purpose of data processing
The use of GA 4 is used by us to evaluate the use of our online presence and to generate reports on the activities on our website. The reports are used to analyse the performance of our website and to display targeted advertising to people who have already expressed an initial interest by visiting the site.

3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.

4. Duration of storage
After 2 months, your personal data will be deleted. This deletion takes place automatically once a month.

5. Transfer of data to a third country
Your personal data will also be transferred to the United States. For the USA, there is an adequacy decision “EU-U.S. Data Privacy Framework” according to Art. 45 III GDPR. The European Commission has adopted the EU-US data protection framework and established in the decision that the United States ensures an adequate level of protection of personal data. However, the transfer of personal data to the United States only applies if the respective US data recipient is also certified under the EU-US Data Privacy Framework with the US Department of Commerce. A list of certified companies can be found at the following link: https://www.dataprivacyframework.gov/s/participant-search
Google LLC is certified under the Data Privacy Framework.

6. Exercising Your Rights
You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal. You can revoke your consent via our Cookie Consent Tool.
You can prevent the collection and processing of your personal data by Google by preventing third-party cookies from being stored on your computer, by using the “Do Not Track” function of a supporting browser, by disabling the execution of script code in your browser, or by disabling a script blocker such as NoScript (https://noscript.net) or Ghostery (https: www.ghostery.com) in your browser.
You can find more information on the options for objecting and removing data from Google at: https://policies.google.com/technologies/partner-sites
You can also prevent the collection of the data generated by the cookie and related to your use of the online presence (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de

You can opt out of Google’s use of your personal data by clicking on the following link: https://adssettings.google.de
Use of Google Tag Manager

1. Scope of processing of personal data
We use the Google Tag Manager (https://www.google.com/intl/de/tagmanager/) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter: Google). With Google Tag Manager, tags from Google and third-party services can be managed and embedded in a bundled form on an online presence. Tags are small pieces of code on an online presence that are used, among other things, to measure visitor numbers and behavior, to measure the impact of online advertising and social channels, to use remarketing and audience targeting, and to test and optimize online presences. When a user visits the online presence, the current tag configuration is sent to the user’s browser. It contains instructions on which tags to fire. Google Tag Manager triggers other tags, which in turn may collect data. Information on this can be found in the passages on the use of the corresponding services in this privacy policy. Google Tag Manager does not access this data.

For more information about Google Tag Manager, see https://www.google.com/intl/de/tagmanager/faq.html and Google’s privacy policy: https://policies.google.com/privacy?hl=de

2. Purpose of data processing
The purpose of the processing of personal data is the collected and clear management as well as the efficient integration of third-party services.

3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage
Your personal information will be retained for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law.
Advertising data in server logs is anonymized by deleting parts of the IP address and cookie information after 9 and 18 months, respectively.

5. Transfer of data to a third country
Your personal data will also be transferred to the United States. For the USA, there is an adequacy decision “EU-U.S. Data Privacy Framework” according to Art. 45 III GDPR. The European Commission has adopted the EU-US data protection framework and established in the decision that the United States ensures an adequate level of protection of personal data. However, the transfer of personal data to the United States only applies if the respective US data recipient is also certified under the EU-US Data Privacy Framework with the US Department of Commerce. A list of certified companies can be found at the following link: https://www.dataprivacyframework.gov/s/participant-search
Google LLC is certified under the Data Privacy Framework.

6. Exercising Your Rights
You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal.
You can prevent the collection and processing of your personal data by Google by preventing third-party cookies from being stored on your computer, by using the “Do Not Track” function of a supporting browser, by disabling the execution of script code in your browser, or by disabling a script blocker such as NoScript (https://noscript.net/) or Ghostery (https: www.ghostery.com) in your browser.
In addition, you can request the collection of information generated by the cookie and related to your use of the
You can prevent your online presence (including your IP address) from being sent to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
You can opt out of Google’s use of your personal data by clicking on the following link:
https://adssettings.google.de
You can find more information on the options for objecting and removing data from Google at: https://policies.google.com/privacy?gl=DE& hl=en

Change to our Privacy Policy

We reserve the right to make changes to this Privacy Policy at any time.

The Privacy Policy will be updated regularly and any changes will be automatically posted on our website.

This privacy policy was initially created in German and translated to English.
In the event of any inconsistency or contradiction between the German and English version, the German version shall take precedence.

This privacy policy has been prepared with the support of DataGuard.