Our Privacy Police

The op­er­a­tors of this web­site and its pages take the pro­tec­tion of your per­sonal data very se­ri­ously. Hence, we han­dle your per­sonal data as con­fi­den­tial in­for­ma­tion and in com­pli­ance with the statu­tory data pro­tec­tion reg­u­la­tions and this Data Pro­tec­tion De­c­la­ra­tion. When­ever you use this web­site, a va­ri­ety of per­sonal in­for­ma­tion will be col­lected. Per­sonal data com­prises data that can be used to per­son­ally iden­tify you. This Data Pro­tec­tion De­c­la­ra­tion ex­plains which data we col­lect as well as the pur­poses we use this data for. It also ex­plains how, and for which pur­pose the in­for­ma­tion is col­lected. We here­with ad­vise you that the trans­mis­sion of data via the In­ter­net (i.e. through e-mail com­mu­ni­ca­tions) may be prone to se­cu­rity gaps. It is not pos­si­ble to com­pletely pro­tect data against third party ac­cess.

General information

The fol­low­ing in­for­ma­tion will pro­vide you with an easy to nav­i­gate overview of what will hap­pen with your per­sonal data when you visit this web­site. The term “per­sonal data” com­prises all data that can be used to per­son­ally iden­tify you. For de­tailed in­for­ma­tion about the sub­ject mat­ter of data pro­tec­tion, please con­sult our Data Pro­tec­tion De­c­la­ra­tion, which we have in­cluded be­neath this copy.

With re­gard to the pro­cess­ing of per­sonal data in the con­text of busi­ness re­la­tion­ships, we re­fer to the Scheuch – General data protection regulations for business partners.

Data recording on this website

Who is the re­spon­si­ble party for the record­ing of data on this web­site (i.e. the “con­troller”)? The data on this web­site is processed by the op­er­a­tor of the web­site, whose con­tact in­for­ma­tion is avail­able un­der sec­tion “In­for­ma­tion Re­quired by Law” on this web­site.

How do we record your data?

We col­lect your data as a re­sult of your shar­ing of your data with us. This may, for in­stance be in­for­ma­tion you en­ter into our con­tact form.

Our IT sys­tems au­to­mat­i­cally record other data when you visit our web­site. This data com­prises pri­mar­ily tech­ni­cal in­for­ma­tion (e.g. web browser, op­er­at­ing sys­tem or time the site was ac­cessed). This in­for­ma­tion is recorded au­to­mat­i­cally when you ac­cess this web­site.

What are the purposes we use your data for?

A por­tion of the in­for­ma­tion is gen­er­ated to guar­an­tee the er­ror free pro­vi­sion of the web­site. Other data may be used to analyse your user pat­terns. The pur­pose of the pro­cess­ing is also de­scribed in more de­tail be­low for each type of pro­cess­ing.

Lawfulness of the processing

Un­less stated oth­er­wise, per­sonal data is only be­ing processed on the fol­low­ing grounds of ar­ti­cle 6 para­graph 1 (a), (b) and (f) of the GDPR:

a) The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
b) Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
f) Processing is necessary for the purposes of the legitimate interests pursued by the controller (…).

Transfer of data

In gen­eral the per­sonal data of our busi­ness part­ners is only be­ing processed within our com­pany. If the in­volve­ment of third par­ties is how­ever re­quired, we will only trans­fer per­sonal data in ac­cor­dance with the statu­tory pro­vi­sions. If per­sonal data is trans­ferred to third par­ties, these third par­ties will be con­trac­tu­ally bound to en­sure the pro­tec­tion of the per­sonal data and com­pli­ance with the statu­tory pro­vi­sions. If per­sonal data is trans­ferred to coun­tries that are not part of the Eu­ro­pean Union, we will com­ply with the gen­eral prin­ci­ples for trans­fer as laid down in the GDPR. This means that we will only trans­fer per­sonal data to coun­tries out­side the Eu­ro­pean Union if:

  • The third country ensures an adequate level of protection as confirmed by the EU Commission in an adequacy decision.
  • The transfer takes place between undertakings in line with binding corporate rules.
  • The transfer takes place based on standard data protection clauses adopted by the EU Commission.
  • The transfer takes place between undertakings in line with an approved code of conduct.
  • The receiver of the personal data has demonstrated compliance with the GDPR based on data protection certification mechanisms.

Storage periods
Per­sonal data shall only be kept for as long as we have a law­ful ground that is re­quired for the pro­cess­ing. Oth­er­wise, the du­ra­tion of the stor­age of per­sonal data re­sults from the statu­tory stor­age oblig­a­tions.

What rights do you have as far as your information is concerned?
Here­with we would also like to in­form you on your rights ac­cord­ing to the GDPR:

  • You have the right to obtain from us the confirmation if any of your personal data is being processed. If this is the case, you have the right of access to this information (in accordance with art. 15 GDPR).
  • You have the right to obtain from us the rectification of any of your inaccurate personal data (in accordance with art. 16 GDPR).
  • You have the ´right to be be forgotten´. On your request we will erase any of your personal data (in accordance with art. 17 GDPR).
  • You have the right to obtain from us a restriction of the processing of your personal data (in accordance with art. 18 GDPR).
  • You have the right to portability of your personal data (in accordance with art. 20 GDPR).
  • You have the right to object, at any time to processing of your personal data (in accordance with art. 21 GDPR).
  • You have the right to withdraw your consent to the processing of your data at any time.
  • You have the right as a data subject, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR.

Analysis tools and tools provided by third parties

There is a pos­si­bil­ity that your brows­ing pat­terns will be sta­tis­ti­cally analysed when your visit this web­site. Such analy­ses are per­formed pri­mar­ily with cook­ies and with what we re­fer to as analy­sis pro­grams. As a rule, the analy­ses of your brows­ing pat­terns are con­ducted anony­mously; i.e. the brows­ing pat­terns can­not be traced back to you.

You have the op­tion to ob­ject to such analy­ses or you can pre­vent their per­for­mance by not us­ing cer­tain tools. For de­tailed in­for­ma­tion about the tools and about your op­tions to ob­ject, please con­sult our Data Pro­tec­tion De­c­la­ra­tion be­low.

Directory

1. Storage duration

Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons cease to apply.

2. General information

The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit this website. The term “personal data” comprises all data that can be used to personally identify you. For detailed information about the subject matter of data protection, please consult our Data Protection Declaration, which we have included beneath this copy.

Data recording on this website

Who is the responsible party for the recording of data on this website (i.e., the “controller”)?

The data on this website is processed by the operator of the website, whose contact information is available under section “Information about the responsible party (referred to as the “controller” in the GDPR)” in this Privacy Policy.

How do we record your data?

We collect your data as a result of your sharing of your data with us. This may, for instance be information you enter into our contact form.

Other data shall be recorded by our IT systems automatically or after you consent to its recording during your website visit. This data comprises primarily technical information (e.g., web browser, operating system, or time the site was accessed). This information is recorded automatically when you access this website.

What are the purposes we use your data for?

A portion of the information is generated to guarantee the error free provision of the website. Other data may be used to analyze your user patterns. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders or other order enquiries.

What rights do you have as far as your information is concerned?

You have the right to receive information about the source, recipients, and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data are rectified or eradicated. If you have consented to data processing, you have the option to revoke this consent at any time, which shall affect all future data processing. Moreover, you have the right to demand that the processing of your data be restricted under certain circumstances. Furthermore, you have the right to log a complaint with the competent supervising agency.

Please do not hesitate to contact us at any time if you have questions about this or any other data protection related issues.

Analysis tools and tools provided by third parties

There is a possibility that your browsing patterns will be statistically analyzed when your visit this website. Such analyses are performed primarily with what we refer to as analysis programs.

For detailed information about these analysis programs please consult our Data Protection Declaration below.

3. External Hosting

This website is hosted externally. Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.

The external hosting serves the purpose of fulfilling the contract with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR). If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user`s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

Our host will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.

We are using the following host:

The service provider is the French company OVH Groupe SAS, Lille, 2 Rue Kellermann, 59100 Roubaix, France. OVH GmbH (Christophstrasse 19, 50670 Cologne, Germany) is the German branch of the company.

4. Data protection

The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration.

Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.

We herewith advise you that the transmission of data via the Internet (i.e., through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third-party access.

5. General information on the legal basis for the data processing on this website

If you have consented to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if special categories of data are processed according to Art. 9 (1) DSGVO. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49 (1)(a) GDPR. If you have consented to the storage of cookies or to the access to information in your end device (e.g., via device fingerprinting), the data processing is additionally based on § 25 (1) TDDDG. The consent can be revoked at any time. If your data is required for the fulfillment of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, if your data is required for the fulfillment of a legal obligation, we process it on the basis of Art. 6(1)(c) GDPR. Furthermore, the data processing may be carried out on the basis of our legitimate interest according to Art. 6(1)(f) GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this privacy policy.

Information on the data transfer to third-party countries that are not secure under data protection law and the transfer to US companies that are not DPF-certified

We use, among other technologies, tools from companies located in third-party countries that are not safe under data protection law, as well as US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). If these tools are enabled, your personal data may be transferred to and processed in these countries. We would like you to note that no level of data protection comparable to that in the EU can be guaranteed in third countries that are insecure in terms of data protection law.

We would like to point out that the US, as a secure third-party country, generally has a level of data protection comparable to that of the EU. Data transfer to the US is therefore permitted if the recipient is certified under the “EU-US Data Privacy Framework” (DPF) or has appropriate additional assurances. Information on transfers to third-party countries, including the data recipients, can be found in this Privacy Policy.

Recipients of personal data

In the scope of our business activities, we cooperate with various external parties. In some cases, this also requires the transfer of personal data to these external parties. We only disclose personal data to external parties if this is required as part of the fulfillment of a contract, if we are legally obligated to do so (e.g., disclosure of data to tax authorities), if we have a legitimate interest in the disclosure pursuant to Art. 6 (1)(f) GDPR, or if another legal basis permits the disclosure of this data. When using processors, we only disclose personal data of our customers on the basis of a valid contract on data processing. In the case of joint processing, a joint processing agreement is concluded.

6. Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

7. Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.

8. Information about, rectification and eradication of data

Within the scope of the applicable statutory provisions, you have the right to demand information about your archived personal data, their source and recipients as well as the purpose of the processing of your data at any time. You may also have a right to have your data rectified or eradicated. If you have questions about this subject matter or any other questions about personal data, please do not hesitate to contact us at any time.

9. SSL and/or TLS encryption

For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption programme. You can recognise an encrypted connection by checking whether the address line of the browser switches from „http://“ to „https://“ and also by the appearance of the lock icon in the browser line.

If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties

10. Cookie Consent Management with Cookiebot

Our website uses the cookie consent technology of Cookiebot to obtain your consent to the storage of certain cookies on your terminal device and to document this in accordance with data protection law. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter "Cookiebot"). When you enter our website, a connection is established to Cookiebot`s servers in order to obtain your consent and other declarations regarding cookie use. Cookiebot then stores a cookie in your browser in order to be able to assign you the consents given or their revocation. The data collected in this way is stored until you request us to delete it, delete the Cookiebot cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected. Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. a, b GDPR. We have concluded an order processing contract with Cookiebot. This is a contract required by data protection law, which ensures that Cookiebot only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

11. Cookies / Cookie Management

12. Server log files

The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. The information comprises:

  • The type and version of browser used
  • The used operating system
  • Referrer URL
  • The hostname of the accessing computer
  • The time of the server inquiry
  • The IP address

This data is not merged with other data sources.

This data is recorded on the basis of Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.

13. Contact form

If you submit inquiries to us via our contact form, the information provided in the contact form as well as any contact information provided therein will be stored by us in order to handle your inquiry and in the event that we have further questions. We will not share this information without your consent.

Hence, the processing of the data entered into the contact form occurs exclusively based on your consent (Art. 6 Sect. 1 lit. a GDPR). You have the right to revoke at any time any consent you have already given us. To do so, all you are required to do is sent us an informal notification via e-mail. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

The information you have entered into the contact form shall remain with us until you ask us to eradicate the data, revoke your consent to the archiving of data or if the purpose for which the information is being archived no longer exists (e.g. after we have concluded our response to your inquiry). This shall be without prejudice to any mandatory legal provisions – in particular retention periods.

14. Request by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.

The processing of these data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Article 6 (1) a GDPR) and/or on our legitimate interests (Article 6 (1) (f) GDPR), since we have a legitimate interest in the effective processing of requests addressed to us.

The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

15. Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5780.

16. Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior patterns of website visitors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. This data is assigned to the respective end device of the user. An assignment to a user-ID does not take place.

Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis.

Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You may revoke your consent at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5780.

IP anonymization

Google Analytics IP anonymization is active. As a result, your IP address will be abbreviated by Google within the member states of the European Union or in other states that have ratified the Convention on the European Economic Area prior to its transmission to the United States. The full IP address will be transmitted to one of Google’s servers in the United States and abbreviated there only in exceptional cases. On behalf of the operator of this website, Google shall use this information to analyze your use of this website to generate reports on website activities and to render other services to the operator of this website that are related to the use of the website and the Internet. The IP address transmitted in conjunction with Google Analytics from your browser shall not be merged with other data in Google’s possession.

Browser plug-in

You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at: https://support.google.com/analytics/answer/6004245?hl=en.

Contract data processing

We have executed a contract data processing agreement with Google and are implementing the stringent provisions of the German data protection agencies to the fullest when using Google Analytics.

17. Matomo (formerly called Piwik)

This website uses the open-source web analysis service Matomo.

Through Matomo, we are able to collect and analyze data on the use of our website-by-website visitors. This enables us to find out, for instance, when which page views occurred and from which region they came. In addition, we collect various log files (e.g. IP address, referrer, browser, and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).

The use of this analysis tool is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the analysis of user patterns, in order to optimize the operator’s web offerings and advertising. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

IP anonymization

For analysis with Matomo we use IP anonymization. Your IP address is shortened before the analysis, so that it is no longer clearly assignable to you.

Analysis without cookies

We have configured Matomo in such a way that Matomo will not store cookies in your browser.

Hosting

We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.

18. Google Web Fonts

This website uses so-called Google Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.

For more information on Google Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

Font Awesome (local embedding)

This website uses Font Awesome to ensure the uniform use of fonts on this site. Font Awesome is locally installed so that a connection to Fonticons, Inc.’s servers will not be established in conjunction with this application.

For more information on Font Awesome, please and consult the Data Privacy Declaration for Font Awesome under: https://fontawesome.com/privacy.

19. hCAPTCHA

We use “hCaptcha” (hereinafter referred to as “hCaptcha”) on this website. The provider is Intuition Machines, Inc., 2211 Selig Drive, Los Angeles, CA 90026, USA (hereinafter referred to as “IMI”).

hCaptcha is being used to determine whether the entry of data into this website (e.g., into a contact form) is being processed by a person or an automated program. For this purpose, hCaptcha analyzes the behavior patterns of website visitors on the basis of several characteristics.

This analysis begins automatically as soon as the website visitor enters a website with the activated hCaptcha feature. For the analysis, hCaptcha uses a wide range of information (e.g., the IP address, time spent on the website or mouse actions taken by the user). The data recorded during this analysis is forwarded to IMI. If hCaptcha is used in the “invisible mode,” the analyses are completely conducted in the background. Website visitors are not alerted to the performance of an analysis.

The storage and analysis of the data occurs on the basis of Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in protecting the operator’s web presentations against abusive automatic spying and SPAM. In the event that respective consent has been obtained, the data will be processed exclusively on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TDDDG, if the consent comprises the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined in the TDDDG (German Telecommunications Act). Such consent may be revoked at any time.

The processing of data is based on Standard Contract Clauses, included in the Data Processing Supplement to the General Terms and Conditions of IMI or in the data processing agreements.

For further information on hCaptcha, please consult the Data Protection Policy and Terms of Use under the following links: https://www.hcaptcha.com/privacy and https://hcaptcha.com/terms.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/6388.

20. Appendix

The data controller responsible for data processing on this website is:

Scheuch Management Holding GmbH

Weierfing 68
4971 Aurolzmünster
Österreich

Mail: privacy@scheuch.com

Any affected individual can contact us directly at any time with any questions or suggestions regarding data protection.