Privacy Policy

(last update: 2026-01-16 14:00)

V1.1.0.2601

The coordinator for data processing is:

Dario Marjanovic
Bahnhofstraße 10
9711 Paternion
Austria
dsgvo@rc-pt.com

We are pleased about your interest in our online shop. The protection of your privacy is very important to us. Below, we provide detailed information about how we handle your data. The processing of your data is carried out on the basis of the GDPR as well as pursuant to Section 165 (3) of the Telecommunications Act (TKG, Austria).

1. Access Data and Hosting

You may visit our websites without providing any personal information. Each time a website is accessed, the web server automatically stores only a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of access, the volume of data transferred, and the requesting provider (access data), and documents the access. This access data is evaluated exclusively for the purpose of ensuring the smooth operation of the website and improving our offering. This serves to safeguard our overriding legitimate interests in a correct presentation of our offering pursuant to Art. 6 (1) sentence 1 lit. f GDPR. All access data is deleted no later than seven days after the end of your visit to the website.

2. Data Processing for Contract Fulfilment and Contact

2.1 Data Processing for Contract Fulfilment

For the purpose of contract fulfilment (including inquiries regarding and handling of any existing warranty and performance disruption claims as well as any statutory update obligations) pursuant to Art. 6 (1) sentence 1 lit. b GDPR, we collect personal data if you voluntarily provide it to us in the course of your order. Mandatory fields are marked as such, as in these cases we require the data to process the contract and cannot ship the order without it. Which data is collected can be seen from the respective input forms.

Further information on the processing of your data, in particular on its disclosure to our service providers for the purposes of order, payment, and shipping processing, can be found in the following sections of this privacy policy. After complete fulfilment of the contract, your data will be restricted for further processing and deleted after the expiry of the statutory retention periods under tax and commercial law pursuant to Art. 6 (1) sentence 1 lit. c GDPR, unless you have expressly consented to further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use your data beyond this, which is permitted by law and about which we inform you in this policy.

Enterprise Resource Planning System

For order and contract processing, we use enterprise resource planning systems of external service providers. Our service providers act on our behalf within the scope of order processing. If you have any questions about our service providers and the basis of our cooperation with them, please contact us using the contact options described in this privacy policy.

SSL Encryption

To optimally protect your transmitted data, we use SSL encryption on our websites. You can recognize encrypted connections by the prefix „https://“ in the address bar of your browser. Pages without encryption are marked with „http://“.

All data that you transmit to our websites – for example when making inquiries or logging in – is protected against access by third parties thanks to SSL encryption and remains confidential.

2.2 Customer Account

We collect personal data if you voluntarily provide it to us when opening a customer account. Mandatory fields are marked as such, as in these cases we require the data to open the customer account and you cannot complete the account registration without providing it. Which data is collected can be seen from the respective input forms. We use the data you provide to process contracts and handle your inquiries pursuant to Art. 6 (1) sentence 1 lit. b GDPR. Deletion of your customer account is possible at any time and can be requested either by sending a message to the contact option described in this privacy policy or via a function provided for this purpose in the customer account. After deletion of your customer account, your data will be deleted unless you have expressly consented to further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use your data beyond this, which is permitted by law and about which we inform you in this policy.

2.3 Contact

As part of customer communication, we collect personal data to process your inquiries pursuant to Art. 6 (1) sentence 1 lit. b GDPR if you voluntarily provide it to us when contacting us (e.g. via contact form or email). Mandatory fields are marked as such, as in these cases we require the data to process your inquiry. Which data is collected can be seen from the respective input forms. After your inquiry has been fully processed, your data will be deleted unless you have expressly consented to further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use your data beyond this, which is permitted by law and about which we inform you in this policy.

Bitrix24 Live Chat

On our website, we use a live chat provided by Alaio Inc., 901 N. Pitt St, Suite 325, Alexandria VA 22314, USA. You can use the live chat to communicate with our employees in near real time. When starting the chat, personal data is processed.

If you use the live chat tool to contact us, the data you voluntarily enter there (name, email address, message) is processed by us for the purpose of responding to the inquiry as part of contract fulfilment pursuant to Art. 6 (1) sentence 1 lit. b GDPR. In addition, the use of this tool serves to safeguard our overriding legitimate interests in effective and improved customer communication pursuant to Art. 6 (1) sentence 1 lit. f GDPR.

Within the scope of processing on our behalf, the third-party provider Alaio Inc. provides us with the services for making the live chat tool available. All data collected in the course of using the chat tool is processed on its servers.

WhatsApp Live Chat Tool

For the purpose of customer communication, we use the live chat tool provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland („WhatsApp“). This serves to safeguard our overriding legitimate interests in effective and improved customer communication pursuant to Art. 6 (1) sentence 1 lit. f GDPR. WhatsApp acts on our behalf. The telephone numbers stored by us on our mobile devices are automatically processed on servers of Meta companies headquartered at 1601 Willow Road, Menlo Park, California 94025, USA. Only telephone numbers of customers who have previously contacted us via WhatsApp and have therefore already accepted WhatsApp’s terms of use and privacy policy are stored.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: USA, Israel, United Kingdom.

The adequacy decision for the USA applies as a basis for data transfer to third countries insofar as the respective service provider is certified. Certification is in place.

Our service providers are located and/or use servers in these countries: Singapore. There is no adequacy decision by the European Commission for these countries. Our cooperation with them is based on the following safeguards: Standard Contractual Clauses of the European Commission.

3. Data Processing for the Purpose of Shipping Fulfilment

For contract fulfilment pursuant to Art. 6 (1) sentence 1 lit. b GDPR, we pass on your data to the shipping service provider commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. If you have any questions about our service providers and the basis of our cooperation with them, please contact us using the contact option described in this privacy policy.

Disclosure of Data to Shipping Service Providers for the Purpose of Shipment Notification

If you have given us your express consent during or after your order, we will, on the basis of this consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR, pass on your email address and telephone number to the selected shipping service provider so that they can contact you prior to delivery for the purpose of delivery notification or coordination.

You may revoke your consent at any time by sending a message to the contact option described in this privacy policy or directly to the shipping service provider at the contact address listed below. After revocation, we will delete the data provided for this purpose unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this, which is permitted by law and about which we inform you in this policy. If you have any questions about our service providers and the basis of our cooperation with them, please contact us using the contact option described in this privacy policy.

4. Data Processing for Payment Processing

When processing payments in our online shop, we work together with the following partners: technical service providers, credit institutions, and payment service providers.

4.1 Data Processing for Transaction Processing

Depending on the selected payment method, we pass on the data necessary for processing the payment transaction to our technical service providers, the commissioned credit institutions, or the selected payment service provider, insofar as this is necessary for payment processing. This serves contract fulfilment pursuant to Art. 6 (1) sentence 1 lit. b GDPR. In some cases, the payment service providers themselves collect the data required for payment processing, e.g. on their own website or via technical integration in the ordering process. In this respect, the privacy policy of the respective payment service provider applies.

Depending on the selected payment method, data may be transferred to third countries outside the EU/EEA for which the European Commission has determined an adequate level of data protection by decision. Where data is transferred to third countries outside the EU/EEA for which the European Commission has not issued an adequacy decision, cooperation is based on the Standard Contractual Clauses of the European Commission.

If you have any questions about our partners for payment processing or the basis of our cooperation with them, please contact us using the contact option specified in this privacy policy.

4.2 Data Processing for the Purpose of Fraud Prevention and Optimization of Our Payment Processes

Where applicable, we provide the aforementioned service providers with additional data which they use, together with the data required for payment processing, for the purpose of fraud prevention and optimization of our payment processes (e.g. invoicing, handling of disputed payments, accounting support). This serves to safeguard our overriding legitimate interests in protecting against fraud and in efficient payment management pursuant to Art. 6 (1) sentence 1 lit. f GDPR.

4.3 Identity and Credit Check When Selecting Klarna Payment Services

Klarna Pay now (direct debit), Klarna Pay later (purchase on account), Klarna Slice it (installment purchase)

If you choose the payment services of Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter „Klarna“), we ask for your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR to allow us to transmit the data necessary for payment processing and an identity and credit check to Klarna. In Germany, the credit agencies listed in Klarna’s privacy policy may be used for identity and credit checks. Klarna uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution, or termination of the contractual relationship. You may revoke your consent at any time by sending a message to the contact option specified in this privacy policy. This may result in us no longer being able to offer you certain payment options. You may also revoke your consent to this use of personal data at any time directly to Klarna.

4.4 Identity and Credit Check When Selecting Mollie Payment Methods

If you choose one of the payment options of our partner Mollie B.V., you will be asked during the ordering process to consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR to the transmission of the data required for payment processing and an identity and credit check to Mollie. If you grant your consent, your data (first and last name, street, house number, postal code, city, country, date of birth, telephone number, and, in the case of purchase by direct debit, the specified bank account details) as well as the data related to your order will be transmitted to Mollie.

For the purpose of its own identity and credit check, Mollie or partner companies commissioned by Mollie transmit data to credit agencies and receive information and, if applicable, creditworthiness information based on mathematical-statistical procedures, in the calculation of which address data, among other things, is included. Detailed information on this and on the credit agencies used can be found in the data protection provisions of Mollie GmbH. Mollie B.V. uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution, or termination of the contractual relationship.

Furthermore, Mollie may use third-party tools to detect and prevent fraud. Data obtained with these tools may be stored in encrypted form by third parties so that it can only be read by Mollie. These data are only used if you select a payment method of our cooperation partner Mollie; otherwise, the data automatically expire after 30 minutes.

You may revoke your consent to Mollie at any time. However, Mollie may remain entitled to process, use, and transmit your personal data insofar as this is necessary for contractual payment processing or required by law or ordered by a court or authority.

4.5 Identity and Credit Check When Selecting Purchase on Account via PayPal

If you choose the payment method purchase on account (offered via PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg (hereinafter „PayPal“)), we ask for your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR to allow us to transmit the data necessary for payment processing as well as an identity and credit check to PayPal. PayPal uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution, or termination of the contractual relationship. You may revoke your consent at any time by sending a message to the contact options specified in this privacy policy. This may result in us no longer being able to offer you certain payment options. Additional information on data protection at PayPal can be found here.

4.6 Installment Payment Option

If you select the payment method „installment purchase“ and grant the required data protection consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR, personal data (first name, last name, address, email, telephone number, date of birth, IP address, gender) together with the data required for transaction processing (items, invoice amount, due dates, total amount, invoice number, taxes, currency, order date and order time) will be transmitted to our partner Santander Consumer Bank GmbH, Wagramer Straße 19, 1220 Vienna, Austria, for the purpose of processing this payment method.

To verify the customer’s identity and creditworthiness, our partner obtains inquiries and information from publicly accessible databases and credit agencies. The providers from whom information and, if applicable, creditworthiness information based on mathematical-statistical procedures are obtained, as well as further details on the processing of your data after transmission to our partner Santander Consumer Bank GmbH, can be found in its privacy policy, which is available here: https://www.santanderconsumer.at/datenschutzhinweis

Our partner Santander Consumer Bank GmbH uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution, or termination of the contractual relationship. You have the option to present your point of view to our partner Santander Consumer Bank GmbH and to contest the decision by contacting them. The consent to data transfer granted during the ordering process may be revoked at any time, even without stating reasons, with effect for the future by notifying us.

4.7 Use of Special Service Providers for Order Processing and Fulfilment

PayPal

For payments via PayPal, credit card via PayPal, direct debit via PayPal or – if available – „purchase on account“ or „installment payment“ via PayPal, we transmit your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg (hereinafter „PayPal“) for the purpose of payment processing. This transfer takes place pursuant to Art. 6 (1) lit. b GDPR and only to the extent necessary for payment processing.

For the payment methods credit card via PayPal, direct debit via PayPal or – if offered – „purchase on account“ or „installment payment“ via PayPal, PayPal reserves the right to carry out a creditworthiness check. For this purpose, your payment data may be transmitted to credit agencies pursuant to Art. 6 (1) lit. f GDPR on the basis of PayPal’s legitimate interest in determining your ability to pay. The result of the credit check, which includes statistical probabilities of payment default, is used by PayPal to decide on the provision of the respective payment method. The credit check may include probability values (so-called score values) calculated on the basis of scientifically recognized mathematical-statistical procedures, which may also take address data into account. Further information on data protection, including the credit agencies used, can be found in PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

You may object to the processing of your data at any time by notifying PayPal. However, PayPal may remain entitled to process your personal data insofar as this is necessary for contractual payment processing.

Apple Pay

If you choose the payment method „Apple Pay“ provided by Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, payment processing is carried out via the „Apple Pay“ function of your iOS, watchOS or macOS device by charging a payment card stored in „Apple Pay“. Apple Pay uses security features integrated into the hardware and software of your device to protect your transactions. To authorize a payment, you must enter a code defined by you and verify the payment using the „Face ID“ or „Touch ID“ function of your device.

For payment processing, the information provided during the ordering process together with order details is transmitted to Apple in encrypted form. Apple encrypts this data again with a developer-specific key before forwarding it to the payment service provider of the card stored in Apple Pay. This encryption ensures that only the website through which the purchase was made can access the payment data. After successful payment, Apple sends the device account number and a transaction-specific dynamic security code to the originating website for confirmation.

If personal data is transmitted in this process, it is processed exclusively for payment processing purposes pursuant to Art. 6 (1) lit. b GDPR.

Apple stores anonymized transaction data, including the approximate purchase amount, date, time, and information on whether the transaction was completed successfully. This anonymization excludes any personal reference. Apple uses the anonymized data to improve „Apple Pay“ and other Apple services and products.

If you use Apple Pay on an iPhone or Apple Watch for a purchase made via Safari on a Mac, the Mac and the authorizing device communicate via an encrypted channel on Apple servers. Apple does not process or store this information in a format that allows identification of the user. You can disable the ability to use Apple Pay on a Mac in the iPhone settings under „Wallet & Apple Pay“ by disabling „Allow Payments on Mac“.

Further information on data protection at Apple Pay can be found at the following link: https://support.apple.com/de-de/HT203027

4.8 Involvement of Debt Collection Service Providers

We transmit your data to a commissioned debt collection service provider (ACREDIA Versicherung AG, Himmelpfortgasse 29, Austria) if our payment claim has not been settled despite prior reminder. In this case, the claim will be collected directly by the debt collection service provider. This serves contract fulfillment pursuant to Art. 6 (1) sentence 1 lit. b GDPR as well as the safeguarding of our overriding legitimate interests in the effective assertion and enforcement of our payment claims pursuant to Art. 6 (1) sentence 1 lit. f GDPR.

5. Advertising by Email, Post, Telephone

5.1 Email Newsletter with Registration and Newsletter Tracking

If you subscribe to our newsletter, we use the data required for this purpose or separately provided by you to regularly send you our email newsletter on the basis of your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR.

You may unsubscribe from the newsletter at any time, either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter.

After unsubscribing, we will delete your email address from the mailing list unless you have expressly consented to further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use your data beyond this, which is permitted by law and about which we inform you in this policy.

Please note that when sending the newsletter, we evaluate your user behavior. For this purpose, we also analyze your interaction with our newsletter by measuring, storing, and evaluating open rates and click rates for the purpose of designing future newsletter campaigns („newsletter tracking“).

For this evaluation, the emails sent contain single-pixel technologies (e.g. so-called web beacons or tracking pixels) which are stored on our website. For the evaluations, we link in particular the following „newsletter data“:

the page from which the page was requested (referrer URL),
the date and time of access,
the description of the type of web browser used,
the IP address of the requesting computer,
the email address,
the date and time of registration and confirmation

and the single-pixel technologies with your email address or IP address and, if applicable, an individual ID. Links contained in the newsletter may also contain this ID.

If you do not wish newsletter tracking, you may unsubscribe from the newsletter at any time as described above.

The information will be stored for as long as you are subscribed to the newsletter.

5.2 Email Newsletter without Registration and Your Right to Object

If we receive your email address in connection with the sale of a product or service and you have not objected to this, in particular by registering in the list pursuant to Section 7 (2) ECG, we reserve the right to regularly send you offers for similar products to those already purchased from our range by email on the basis of Section 174 (4) TKG (Austria). This serves to safeguard our overriding legitimate interests in advertising to our customers pursuant to Art. 6 (1) sentence 1 lit. f GDPR.

You may object to this use of your email address at any time by sending a message to the contact option described in this privacy policy or via a link provided for this purpose in the advertising email, without incurring any costs other than the transmission costs according to the basic tariffs.

Processing of Personal Data When Downloading the Heat Pump Manuscript

If you download our heat pump manuscript, we collect the following personal data: first name, last name, and email address. This data is used exclusively to provide the manuscript and for subsequent information about relevant products and services of our company.

We reserve the right to inform you by email at irregular intervals about new products, offers, or relevant information. You may object to this use of your data at any time by sending us an email or by using the unsubscribe link in our emails.

5.3 Newsletter Dispatch

The newsletter and the newsletter tracking described above may also be sent by our service providers within the scope of processing on our behalf. If you have any questions about our service providers and the basis of our cooperation with them, please contact us using the contact option described in this privacy policy.

6. Cookies and Other Technologies

6.1 General Information

To make visiting our website attractive and to enable the use of certain functions, we use technologies including so-called cookies on various pages. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your device and allow us to recognize your browser on your next visit (persistent cookies).

Protection of Privacy on End Devices

When using our online offering, we employ strictly necessary technologies to provide the telemedia service expressly requested by you. The storage of information on your end device or access to information already stored on your end device does not require consent in this respect.

For functions that are not strictly necessary, the storage of information on your end device or access to information already stored on your end device requires your consent. Please note that if consent is not granted, parts of the website may not be fully usable. Any consent you have given remains valid until you change or reset the respective settings on your end device.

Subsequent Data Processing by Cookies and Other Technologies

We use technologies that are strictly necessary for the use of certain functions of our website (e.g. shopping cart function). Through these technologies, IP address, time of visit, device and browser information as well as information about your use of our website (e.g. information about the contents of the shopping cart) are collected and processed. This serves, within the framework of a balancing of interests, our overriding legitimate interests in an optimized presentation of our offering pursuant to Art. 6 (1) sentence 1 lit. f GDPR and is carried out in accordance with the statutory provisions of Section 165 (3) TKG (Austria).

In addition, we use technologies to fulfill legal obligations to which we are subject (e.g. to be able to demonstrate consent to the processing of your personal data) as well as for web analytics and online marketing. Further information on this, including the respective legal basis for data processing, can be found in the following sections of this privacy policy.

What Types of Cookies Are Used?

Functional Cookies

These cookies are used for certain functionalities of our website, e.g. to suggest a better navigation flow on our website or to display personalized and relevant information to you (e.g. „interest-based advertising“).

Necessary Cookies

These cookies are necessary to enable the operation of our website. This includes, for example, cookies that allow you to log into the customer area or add items to the shopping cart.

Analytics / Performance Cookies

These cookies enable the collection of anonymized data about the usage behavior of our visitors. We analyze this data, for example, to improve the functionality of the website and to display interesting offers to you.

Marketing Cookies

These cookies record your visit to our website, the pages you have visited, and the links you have followed. We will use this information to tailor our website and the advertising displayed to you to your interests.

Cookie Settings

You can find the cookie settings for your browser under the following links: Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™

Insofar as you have consented to the use of technologies pursuant to Art. 6 (1) sentence 1 lit. a GDPR, you may revoke your consent at any time by sending a message to the contact option described in this privacy policy.

Alternatively, you may click the data protection button. If cookies are not accepted, the functionality of our website may be limited.

6.2 EU Cookie Consent Management

We use a consent management solution that enables us to obtain and manage the consent of website users for data processing. Processing is required to fulfill a legal obligation to which we are subject (Art. 7 (1) GDPR) pursuant to Art. 6 (1) sentence 1 lit. c GDPR. The following data is processed for this purpose:

date and time of access, browser information, device information
geographic location
cookie preferences, URL of the visited page

The functionality of the website cannot be ensured without this processing. Processing takes place within the European Union. The data is deleted after 30 days.

6.3 Information on Transfers to Third Countries (Data Transfer to Third Countries)

We use technologies from service providers on our website whose registered office and/or server locations may be in third countries outside the EU or the EEA. If there is no adequacy decision by the European Commission for such a country, an adequate level of data protection must be ensured by other appropriate safeguards.

Appropriate safeguards in the form of standard contractual clauses adopted by the European Commission or binding corporate rules are generally possible, but require prior verification by the contracting parties as to whether an adequate level of protection can be ensured. According to the case law of the ECJ, it may be necessary to implement additional protective measures.

As a rule, we have agreed the standard data protection clauses adopted by the European Commission with the technology providers we use who process personal data in a third country. Where possible, we also agree additional safeguards intended to ensure an adequate level of data protection in third countries without an adequacy decision.

Notwithstanding this, it may occur that, despite all contractual and technical measures, the level of data protection in the third country does not correspond to that of the EU. In such cases, we ask you, where necessary, to give your consent pursuant to Art. 49 (1) lit. a GDPR for the transfer of your personal data to a third country as part of the cookie consent.

In particular, there is a risk that local authorities in the third country may obtain access rights to your personal data that are not sufficiently limited from a European data protection perspective, that we as data exporter or you as data subject may not be aware of this, and/or that you may not have sufficient legal remedies available to prevent or challenge such access.

You can find out to which third countries data is transferred by us in the data protection information for the respective tool and/or the consent management platform (CMP) used by us.

7. Use of Cookies and Other Technologies

On our website, we use the following cookies and other technologies from third-party providers. Unless otherwise stated for the individual technologies, this is done on the basis of your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR. After the purpose has ceased to apply and the use of the respective technology has ended, the data collected in this context will be deleted. You may revoke your consent at any time with effect for the future. Further information on your revocation options can be found in the section „Cookies and Other Technologies“. Further information, including the basis of our cooperation with the individual providers, can be found with the respective technologies. If you have any questions about the providers and the basis of our cooperation with them, please contact us using the contact option described in this privacy policy.

7.1 Use of Google Services

We use the technologies listed below provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland („Google“). The information automatically collected by Google technologies about your use of our website is generally transmitted to a server of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and stored there. Unless otherwise stated for the individual technologies, data processing is carried out on the basis of an agreement concluded for the respective technology between jointly responsible parties pursuant to Art. 26 GDPR. Further information on data processing by Google can be found in Google’s privacy policy.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection by decision.

Our service providers are also located and/or use servers in countries outside the EU and the EEA for which there is no adequacy decision by the European Commission. Our cooperation with them is based on the standard contractual clauses of the European Commission.

Google Analytics

For the purpose of website analysis, Google Analytics automatically collects and stores data (IP address, time of visit, device and browser information as well as information about your use of our website), from which usage profiles are created using pseudonyms. Cookies may be used for this purpose. If you visit our website from the EU, your IP address is stored on a server located in the EU for deriving location data and then immediately deleted before traffic is forwarded to further Google servers for processing. Data processing is carried out on the basis of a data processing agreement with Google.

For the purpose of optimized marketing of our website, we have activated the data sharing settings for „Google products and services“. This allows Google to access the data collected and processed by Google Analytics and subsequently use it to improve Google services. Data sharing with Google within the scope of these settings is based on an additional agreement between jointly responsible parties. We have no influence on Google’s subsequent data processing.

For optimized marketing of our website, we use the so-called User ID function. This function allows us to assign a unique, permanent ID to your interaction data from one or more sessions on our online presences and thus analyze your user behavior across devices and sessions.

Through the Google Analytics extension Google Signals, cross-device tracking is enabled for web analysis. If your internet-enabled devices are linked to your Google account and you have activated the „personalized advertising“ setting in your Google account, Google can create reports on your usage behavior (in particular cross-device user numbers), even if you change devices. We do not process personal data in this context; we only receive statistics generated on the basis of Google Signals.

For web analysis and advertising purposes, the Google Analytics extension uses the so-called DoubleClick cookie to recognize your browser when visiting other websites. Google will use this information to compile reports on website activity and to provide other services related to website usage.

If you do not give consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR for the use of Google Analytics, no cookies will be stored on or read from your device and the data processing described above will not take place. To close gaps in web analysis through behavior and conversion modeling, pings containing data (user agent, information on your consent behavior, screen resolution, IP address) are sent to Google.

Google Ads

For advertising purposes in Google search results and on third-party websites, the so-called Google remarketing cookie is set when you visit our website. This enables interest-based advertising through the automatic collection and processing of data (IP address, time of visit, device and browser information as well as information about your use of our website), using a pseudonymous cookie ID and based on the pages you have visited. Further data processing only takes place if you have activated the „personalized advertising“ setting in your Google account. If you are logged into Google during your visit to our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing.

For website analysis and event tracking, we use Google Ads conversion tracking to measure your subsequent usage behavior if you reach our website via a Google Ads advertisement. Cookies may be used and data (IP address, time of visit, device and browser information as well as information about your use of our website based on events specified by us, such as visiting a page or subscribing to a newsletter) may be collected, from which usage profiles are created using pseudonyms.

If you do not give consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR for the use of Google Ads, no cookies will be stored on or read from your device and the data processing described above will not take place. To close gaps in web analysis through behavior and conversion modeling, pings containing data (user agent, information on your consent behavior, screen resolution, IP address, page URL, information on ad clicks in URL parameters) are sent to Google. Your IP address is used to derive the country.

Google Maps

For the visual display of geographical information, Google Maps collects data about your use of the map functions, in particular your IP address and location data, transmits it to Google and subsequently processes it. We have no influence on this subsequent data processing.

Google reCAPTCHA

To protect our web forms from misuse and spam by automated software (so-called bots), Google reCAPTCHA collects data (IP address, time of visit, browser information as well as information about your use of our website) and analyzes your website usage using JavaScript and cookies. Other cookies stored in your browser by Google services are also evaluated. Personal data from input fields of the respective form is neither read nor stored.

Google Fonts

For the uniform display of content on our website, data (IP address, time of visit, device and browser information) is collected via the script code „Google Fonts“, transmitted to Google and subsequently processed by Google. We have no influence on this subsequent data processing.

Google Tag Manager

Google Tag Manager allows us to manage various codes and services on our website. When implementing individual tags, Google may also process personal data (e.g. IP address, online identifiers such as cookies). Data processing is carried out on the basis of a data processing agreement with Google.

The use of Google Tag Manager enables the integration of various services and technologies.

If you do not wish to use individual tracking services and have therefore deactivated them, the deactivation will remain effective for all affected tracking tags integrated via Google Tag Manager.

YouTube Video Plugin

For embedding third-party content, the YouTube video plugin (in the enhanced privacy mode used by us) collects data (IP address, time of visit, device and browser information), transmits it to Google and subsequently processes it, but only if you play a video.

7.2 Use of Facebook Services

Use of Facebook Pixel

We use the Facebook Pixel within the scope of the technologies listed below provided by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland („Facebook (by Meta)“ or „Meta Platforms Ireland“). The Facebook Pixel automatically collects and stores data (IP address, time of visit, device and browser information as well as information about your use of our website based on events defined by us, such as visiting a page or subscribing to a newsletter), from which usage profiles are created using pseudonyms. Within the scope of the so-called advanced matching, additional information for matching purposes is collected and stored in hashed form, enabling the identification of individuals (e.g. names, email addresses, telephone numbers). When visiting our website, the Facebook Pixel automatically sets a cookie that enables recognition of your browser on other websites by means of a pseudonymous cookie ID. Facebook (by Meta) will combine this information with other data from your Facebook account and use it to compile reports on website activity and to provide further services related to website usage, in particular personalized and group-based advertising.

The information automatically collected by Facebook (by Meta) technologies about your use of our website is generally transmitted to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Further information on data processing by Facebook can be found in Facebook’s privacy policy. Our service providers are located and/or use servers in countries for which the European Commission has determined an adequate level of data protection: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina. The adequacy decision for the USA applies as a basis for third-country transfers insofar as the respective service provider is certified. Certification is in place. Our service providers are also located and/or use servers in Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, and Mexico.

No adequacy decision exists for these countries. Our cooperation with them is based on the standard contractual clauses of the European Commission.

Facebook Analytics

Within the scope of Facebook Business Tools, statistics on visitor activity on our website are generated from the data collected via the Facebook Pixel. Data processing is carried out on the basis of a data processing agreement with Facebook (by Meta). The analysis serves the optimal presentation and marketing of our website.

Facebook Ads (Ads Manager)

We advertise this website via Facebook Ads on Facebook (by Meta) and other platforms. We determine the parameters of the respective advertising campaigns. Facebook (by Meta) is responsible for the exact implementation, in particular the decision on ad placement for individual users. Unless otherwise stated for the individual technologies, data processing is carried out on the basis of an agreement between jointly responsible parties pursuant to Art. 26 GDPR. Joint responsibility is limited to the collection of data and its transmission to Meta Platforms Ireland. Subsequent data processing by Meta Platforms Ireland is not covered by this.

Based on statistics on visitor activity on our website generated via the Facebook Pixel, we operate group-based advertising via Facebook Custom Audiences by defining the characteristics of the respective target groups.

Within the scope of advanced matching for determining target groups (see above), Facebook (by Meta) acts as our processor.

Based on the pseudonymous cookie ID set by the Facebook Pixel and the collected data about your usage behavior on our website, we operate personalized advertising via Facebook Pixel remarketing.

Using Facebook Pixel conversions, we measure your subsequent usage behavior for web analysis and event tracking if you reach our website via a Facebook Ads advertisement. Data processing is carried out on the basis of a data processing agreement with Facebook (by Meta).

Use of Facebook Conversion API

We use the Facebook Conversion API on our website. This is a server-side event tracking interface through which we transmit data about your behavior on our website to Facebook for analysis. This allows us to display advertisements tailored to your user behavior.

We do not pass your data on to third parties. Within the scope of the Facebook Conversion API, however, we work together with Facebook to create user statistics. Data is also processed in the USA. The standard contractual clauses approved by the European Commission serve as the legal basis for this data processing.

The Meta Conversion API is a service of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Further information on the purpose of data processing and general data protection issues relating to the Facebook Conversion API can be found at https://www.facebook.com/about/privacy and https://www.facebook.com/settings?tab=ads.

7.3 Cookies and Technologies of Other Providers

Use of Vimeo Video Plugin for Embedding Third-Party Content

For embedding third-party content, the video plugin of Vimeo Inc., 330 West 34th Street, 5th Floor, New York 10011, USA („Vimeo“), collects data (IP address, time of visit, device and browser information), transmits it to Vimeo and subsequently processes it. Data processing is carried out on the basis of an agreement between jointly responsible parties pursuant to Art. 26 GDPR. Google Analytics is automatically integrated into the Vimeo video plugin. For website analysis, Google Analytics automatically collects and stores data (IP address, time of visit, device and browser information as well as information about your use of our website), from which usage profiles are created using pseudonyms. Cookies may be used for this purpose. Google Analytics is a service of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland („Google“). The information automatically collected by Google about your use of our website is generally transmitted to a server of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and stored there. If you visit our website from the EU, your IP address is stored on a server located in the EU for deriving location data and then immediately deleted before traffic is forwarded to further Google servers for processing. We have no influence on or access to data processing by Vimeo, including Google Analytics settings and results.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection by decision.

8. Social Media

Our Online Presence on Facebook (by Meta), X (formerly Twitter), Instagram (by Meta), YouTube, Pinterest, LinkedIn, Xing

If you have given your consent to the respective social media operator pursuant to Art. 6 (1) sentence 1 lit. a GDPR, data about your visit to our online presences on the above-mentioned social networks is automatically collected and stored for market research and advertising purposes, from which usage profiles are created using pseudonyms. These may be used, for example, to display advertisements within and outside the platforms that are presumed to correspond to your interests. Cookies are generally used for this purpose. Detailed information on the processing and use of data by the respective social media operator, as well as contact options and your rights and settings options for protecting your privacy, can be found in the data protection notices of the providers linked below. If you still require assistance, you may contact us.

Facebook (by Meta) is a service of Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland („Meta Platforms Ireland“). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is generally transmitted to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Data processing in the context of visiting a Facebook (by Meta) fan page is carried out on the basis of an agreement between joint controllers pursuant to Art. 26 GDPR. Further information (information on Insights data) can be found here.

The adequacy decision for the USA applies as a basis for third-country transfers insofar as the respective service provider is certified. Certification is in place.

Our service providers are located and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.

No adequacy decision by the European Commission exists for these countries. Our cooperation with them is based on the standard contractual clauses of the European Commission.

X is a service of Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland („X“). The information automatically collected by X about your use of our online presence on X is generally transmitted to a server of X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, and stored there.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection by decision.

Instagram (by Meta) is a service of Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland („Meta Platforms Ireland“). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Instagram is generally transmitted to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Data processing in the context of visiting an Instagram (by Meta) fan page is carried out on the basis of an agreement between joint controllers pursuant to Art. 26 GDPR. Further information (information on Insights data) can be found here.

The adequacy decision for the USA applies as a basis for third-country transfers insofar as the respective service provider is certified. Certification is in place.

Our service providers are located and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.

No adequacy decision by the European Commission exists for these countries. Our cooperation with them is based on the standard contractual clauses of the European Commission.

YouTube is a service of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland („Google“). The information automatically collected by Google about your use of our online presence on YouTube is generally transmitted to a server of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and stored there.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection by decision.

Pinterest is a service of Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland („Pinterest“). The information automatically collected by Pinterest about your use of our online presence on Pinterest is generally transmitted to a server of Pinterest, Inc., 505 Brannan St., San Francisco, CA 94107, USA, and stored there.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection by decision.

LinkedIn is a service of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland („LinkedIn“). The information automatically collected by LinkedIn about your use of our online presence on LinkedIn is generally transmitted to a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA, and stored there.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: USA.

The adequacy decision for the USA applies as a basis for third-country transfers insofar as the respective service provider is certified. Certification is in place.

Xing is a service of New Work SE, Am Strandkai 1, 20457 Hamburg, Germany.

9. Contact Options and Your Rights

9.1 Your Rights

As a data subject, you have the following rights:

pursuant to Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein;
pursuant to Art. 16 GDPR, the right to request without delay the rectification of inaccurate or completion of your personal data stored by us;
pursuant to Art. 17 GDPR, the right to request the erasure of your personal data stored by us, unless further processing is required
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation;
- for reasons of public interest; or
- for the establishment, exercise, or defense of legal claims;
pursuant to Art. 18 GDPR, the right to request restriction of processing of your personal data insofar as
- the accuracy of the data is contested by you;
- the processing is unlawful and you oppose the erasure of the data;
- we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims; or
- you have objected to processing pursuant to Art. 21 GDPR;
pursuant to Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request transmission to another controller;
pursuant to Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. As a rule, you may contact the supervisory authority of your habitual residence, place of work, or our company’s registered office.

Right to Object

Where we process personal data as described above to safeguard our overriding legitimate interests within the framework of a balancing of interests, you may object to such processing with effect for the future. If processing is carried out for direct marketing purposes, you may exercise this right at any time as described above. If processing is carried out for other purposes, you have a right to object only if there are reasons arising from your particular situation.

After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or if the processing serves the establishment, exercise, or defense of legal claims.

This does not apply if processing is carried out for direct marketing purposes. In such cases, we will no longer process your personal data for this purpose.

9.2 Contact Options

If you have questions regarding the collection, processing, or use of your personal data, requests for information, rectification, restriction, or deletion of data, as well as revocation of granted consents or objection to a specific data use, please contact us directly using the contact details provided in our imprint.

Cookie	Duration	Description
__cfduid	1 month	The cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.