The protection of your personal data is of particular concern to us. For this reason, too, we comply with the relevant legal regulations. This data protection declaration is intended to inform you what type of data is collected for what purpose and to what extent this data is made accessible to third parties.
The data protection information is divided into five parts:
A. General data protection information
B. Data protection information for users of this website
C. Data protection information for customers
D. Rights of data subjects
E. Data protection information for applicants
Name and address of the controller
represented by the managing directors: Dipl.-Inf. (FH) Peter Kurz, Tobias Kurz, Ingemar Mayr
D - 83088 Kiefersfelden
Phone: +49 (0)8033 / 6978-0
Telefax: +49 (0)8033 / 6978-91
Name and address of the data protection officer
If you have any questions about data protection or the processing of your personal data processed by us, you can contact our company data protection officer by e-mail at firstname.lastname@example.org or at the above address labelled "Data Protection Officer".
The processing of personal data is carried out in accordance with Art. 5 GDPR.
Personal data is processed on our websites
We use technical and organisational security measures to protect your data managed by us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously improved in line with technological developments.
Data transmissions are carried out using the SSL procedure (Secure Socket Layer).
We make every effort to take all technical and organisational measures to store your personal data in such a way that it is not accessible to third parties. When communicating by e-mail, we cannot guarantee complete data security, so we recommend that you send confidential information by post.
We use service providers (so-called processors) to provide services and process your data. The service providers process the data exclusively on our instructions and are obliged to comply with the applicable data protection regulations. All processors have been carefully selected and are only given access to your data to the extent and for the period required to provide the services.
External service providers are carefully selected by us and contractually bound in accordance with Art. 28 GDPR by means of an order processing agreement.
Some of the service providers we use are based in the USA or other countries outside the European Economic Area. Companies in these countries are subject to data protection laws that do not generally protect personal data to the same extent as is the case in the member states of the European Union. We use contractual arrangements or other recognised instruments to ensure that your personal data is adequately protected.
When you visit our website, you transmit data to a web server via your internet browser (for technical reasons). The following data is recorded during an ongoing connection for communication between your internet browser and our web servers
We require this data for reasons of technical security and for statistical analyses and we are generally unable to assign it to specific persons. This data is not merged with other data sources. This data is deleted after 14 days at the latest.
Various services on our website use so-called "cookies". These are small text files that are stored on your computer and enable your use of the website to be analysed. They serve to make our website more user-friendly, effective and secure overall - for example, when it comes to speeding up navigation on our platform.
Cookies also enable us to measure the frequency of page views and general navigation, for example. Cookies are small text files that are stored on your computer system. We would like to point out that some of these cookies are transferred from our server to your computer system, most of which are so-called "session cookies". "Session cookies" are characterised by the fact that they are automatically deleted from your hard drive at the end of the browser session. Other cookies remain on your computer system and enable us to recognise your computer system on your next visit (so-called persistent cookies). Of course, you can reject cookies at any time if your browser allows this.
Cookies: Consent options
Instructions for deleting cookies in the most common browsers can be found here:
We use various plugins from social networks on our websites.
Facebook is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). An overview of the Facebook plugins and their appearance can be found here:
Instagram is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). An overview of the Instagram buttons and their appearance can be found here:
LinkedIn is operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn").
XING is operated by Xing SE, Dammtorstraße 30, 20354 Hamburg, Germany ("Xing"). An overview of the Xing buttons and their appearance can be found here:
X (Twitter) is operated by X Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). An overview of the Twitter buttons and their appearance can be found here:
These social plugins are operated exclusively by the respective providers. The social plugins on our website are labelled with the respective button belonging to the provider or service. If you visit one of our websites that contains such a social plugin, your browser connects to the servers of the respective service. This in turn transmits the content of the plugin to your browser, which integrates it into the page displayed. The respective information is thus transmitted to the respective service when you visit our website.
If you are logged in to one of the respective services via your personal user account at the same time as visiting our website, this service can assign the visit to the website to your account. Users can use social plugins to post or share links to websites in social networks. Through interactions, such as leaving a comment or clicking on the respective button, the respective information is transferred directly to the respective services and stored there.
If you do not want such data transfer and wish to prevent it, log out of your social networks or user accounts before visiting our websites. We have no influence on the collection and transfer of data by social plugins. For the purpose and scope of the data collection of the respective provider or service and the further use and processing of your data, please refer to the respective data protection information directly from the providers' websites. Please find out there what rights you have and how you can achieve a satisfactory data protection setting.
Data protection information on social plugins currently used on our websites:
We only store personal data of website visitors who have registered voluntarily/on their own initiative on our websites in order to receive information about products and services, to receive newsletters or to download documents. Some forms and websites are linked to Pardot. Pardot is a marketing automation software of the
salesforce.com Germany GmbH
Personal data provided voluntarily will first be stored in Pardot and then processed with the Salesforce CRM system for the purpose of contacting you and/or sending you information.
Here you can find out how Salesforce processes your data when you visit websites: https://help.salesforce.com/articleView?id=pardot_basics_cookies.htm&type=5.
To create a user account for the purpose of authentication in our online portals, we use the "Microsoft Azure Active Directory B2C" service from Microsoft on the basis of Article 6(1)(f) GDPR.
Microsoft Ireland Operations Ltd
One Microsoft Place
South County Business Park
To create a user account, the first name, surname and email address are transmitted. The password chosen by the user is stored there.
We use this service as a secure alternative to integrated password storage in the respective web applications and for centralised and universal login to all our websites. This prevents unauthorised persons from gaining access to protected parts of our online services.
On our website in our webshop, we offer payment via the external payment service provider
1015 CW Amsterdam
to. The following payment methods are processed via Mollie: Mastercard, Visa, American Express, SEPA and PayPal. If you select the payment method, the payment data you enter will be transmitted to both Mollie and the payment provider you have selected. The transmission of your data to Mollie is based on Art. 6 para. 1 lit. b GDPR (processing for the fulfilment of a contract). Payment transactions are subject to the terms and conditions and data protection notices of the respective payment service providers, which are also available on the respective websites or transaction applications. We also refer to these for further information and the assertion of cancellation, information and other data subject rights. Details on payment via the payment service provider Mollie can be found at the following link https://www.mollie.com/en/privacy.
To integrate different databases and tools for the automation of our workflows, we use Zapier, a service provided by
548 Market St #62411
Customer data, with the exception of payment data, may be transmitted. Further information on data protection at Zapier can be found at https://zapier.com/privacy/.
In order to draw the attention of potential users and customers to our online offers, we use the online advertising programme "Google Ads" and, as part of Google Ads, conversion tracking, an analysis service provided by Google.
Google Inc. (Google)1600 Amphitheatre Parkway
Google Ads places a cookie on your computer ("conversion cookie") if you have reached our website via a Google advert. These cookies lose their validity after 30 days and are not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, we and Google can recognise that someone has clicked on the ad and been redirected to our site. Each Google Ads customer receives a different cookie. Cookies can therefore not be tracked via the websites of Google Ads customers. The information collected using the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted for conversion tracking.
Google Ads customers find out the total number of users who clicked on their advert and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.
If you do not wish to participate in the tracking process, you can refuse the setting of a cookie required for this - for example, by changing your browser settings to generally deactivate the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the domain "googleadservices.com".
You can also prevent Google Ads from collecting data by clicking on the following link. An opt-out cookie will be set to prevent future collection of your data when you visit this website:
Disable Google Ads
This website uses Google Analytics, a web analytics service provided by
Google Inc ("Google")
1600 Amphitheatre Parkway
Google Analytics uses "cookies". The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there for 14 months. However, if IP anonymisation is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
We would like to point out that on this website Google Analytics has been extended by the code "gat._anonymizeIp();" to ensure anonymised collection of IP addresses (so-called IP masking). You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link:
You can also prevent Google Analytics from collecting data by clicking on the following link. An opt-out cookie will be set to prevent future collection of your data when you visit this website:
Disable Google Analytics
Our websites also use Google Optimize. Google Optimize is a tool integrated into Google Analytics. Google Optimize analyses the use of different variants of our websites and helps us to improve the user-friendliness according to the behaviour of our users.
Google Tag Manager is used on this website. The Google Tag Manager is a solution from
Google Inc ("Google")
1600 Amphitheatre Parkway
with which companies can manage website tags via an interface. Google Tag Manager is a cookie-less domain that does not collect any personal data. The Google Tag Manager triggers other tags, which in turn may collect data. We hereby point this out separately.
The Google Tag Manager does not access this data. If a deactivation has been made by the user at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.
On our website, data is collected and stored using Bing Ads technologies, from which usage profiles are created using pseudonyms. This is a service of the
One Microsoft Way
Redmond, WA 98052-6399
This service enables us to track the activities of users on our website if they have reached our website via adverts from Bing Ads. If you reach our website via such an advert, a cookie is placed on your computer. A Bing UET tag is integrated on our website. This is a code that is used in conjunction with the cookie to store some non-personal data about the use of the website. This includes, among other things, the time spent on the website, which areas of the website were accessed and which ad the user used to access the website. Information about your identity is not recorded.
The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days. You can prevent the collection of data generated by the cookie and related to your use of the website as well as the processing of this data by deactivating the setting of cookies. This may limit the functionality of the website under certain circumstances.
In addition, Microsoft may be able to track your usage behaviour across several of your electronic devices through so-called cross-device tracking and is therefore able to display personalised advertising on or in Microsoft websites and apps.
You can disable this behaviour at
https://choice.microsoft.com/en-us/opt-out to deactivate this behaviour.
Facebook users should note that Facebook's Website Custom Audience communication tool is used on this website. For this purpose, so-called Facebook pixels are integrated on our websites, which mark you as a visitor to our website in anonymised form, i.e. without identifying you as a person.
Option to object: If you wish to object to the use of Facebook Website Custom Audiences, you can do so at https://www.facebook.com/ads/website_custom_audiences. You must be logged in to Facebook to do this.
On the basis of Article 6(1)(f) GDPR, we use the software Wistia (https://wistia.com/) of the
17 Tudor Street
Cambridge, MA 02139
The software is used to embed videos in our website and to promote and measure the interaction behaviour of website visitors with the videos. Wistia collects the following categories of personal data on our behalf
No cookies are used for this purpose.
All information on the transfer and use of data by Wistia can be found here: https://wistia.com/privacy.
We collect certain information so that we can offer you the best possible experience on our websites. For this purpose, we use the Matomo Web Analytics Platform of the company
7 Waterloo Quay PO625
When you visit our site, we store: Your anonymised IP address, the website from which you visited us, the parts of our websites you visit, the date and duration of your visit, information from the device you used during your visit (device type, operating system, screen resolution, language, country you are in and web browser type) and more. We process this usage data in the Matomo Web Analytics Platform for statistical purposes in order to improve our site and to recognise and prevent abuse.
Opt-out from the web analysis
You can opt out of being tracked by our Matomo web analytics at any time.
If you conclude a contract with us or in the case of pre-contractual measures, we process your data in order to conclude and fulfil the contract. Your data is processed on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR (fulfilment of contract) and Art. 6 para. 1 sentence 1 lit. c) GDPR (fulfilment of statutory retention requirements, § 257 HGB, § 147 AO). We process your data for as long as the contract exists and claims may still exist from the contract, which is usually three years after the conclusion of the contract in the case of a purchase contract and three years after the termination of a service contract, in each case starting on 31 December of a year. In addition, we store accounting documents for a period of 10 years and commercial and business letters for a period of 6 years to fulfil our statutory retention obligations. The storage period always begins at the end of the calendar year in which the commercial and business letter is received/sent or the accounting document is created.
The data will not be passed on to third parties with the exception of processors in accordance with Art. 28 GDPR with whom a contract for order processing exists. Data is not transferred to a third country. Automated decision-making does not take place either.
If you have any questions about data protection, please contact our data protection officer, who you can reach by email at email@example.com or by post at our address labelled "Data Protection Officer".
In addition, you are also entitled to statutory data subject rights, which we list below. Please also contact our data protection officer in these cases.
You have the right to
In accordance with Art. 77 GDPR, you also have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office; an overview of the supervisory authorities can be found here (https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html); the supervisory authority generally responsible for us is
The information provided to us as part of your application will, of course, be treated confidentially and used exclusively for the purpose of processing your application in compliance with data protection regulations.
Your data will be processed on the basis of Section 26 BDSG (data processing for the purpose of the employment relationship) on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest). If no employment relationship is established, the data will be deleted after 6 months at the latest. We have a legitimate interest in being able to defend ourselves against liability claims under the General Equal Treatment Act (AGG) and therefore continue to store the application documents for this period even after your application has been rejected.
Within our company, only those persons involved in the application and selection process will have access to your data. Your data will not be passed on to third parties. Automated decision-making does not take place.
Status: December 2023