top of page

Privacy Policy

Table of Contents

  • Introduction and Overview

  • Scope of Application

  • Legal Basis

  • Contact Details of the Controller

  • Storage Period

  • Rights under the General Data Protection Regulation

  • Data Transfer to Third Countries

  • Security of Data Processing

  • Communication

  • Cookies

  • Webhosting Introduction

  • Web Analytics Introduction

  • Online Marketing Introduction

  • Explanation of Terms Used

  • Final Word

Introduction and Overview

We have written this data protection declaration (version 24.03.2025-112968710) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (in short, data) we, as the data controller, and the processors commissioned by us (e.g. providers), will process in the future and what your legal options are. The terms used are to be understood as gender-neutral.
In short: We provide you with comprehensive information about the data that we process about you.

Privacy policies usually sound very technical and use legal jargon. This privacy policy, on the other hand, is intended to describe the most important things as simply and transparently as possible. To the extent that it promotes transparency, technical terms are explained in a reader-friendly way, links to further information are provided and graphics are used. We use clear and simple language to explain that we only process personal data in the course of our business activities if there is a corresponding legal basis for doing so. This is certainly not possible if we use the briefest, most unclear and legally technical explanations possible, as is often the case on the internet when it comes to data protection. I hope you find the following explanations interesting and informative and perhaps you will find some information that you did not know before.
If you still have questions, please contact the responsible office named below or in the imprint, follow the links provided and view further information on third-party sites. You can also find our contact details in the imprint.

Scope of application

This privacy policy applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (processors). By personal data, we mean information within the meaning of Art. 4 No. 1 GDPR, such as a person's name, email address and postal address. Processing personal data enables us to offer and bill for our services and products, both online and offline. This privacy policy applies to:

  • all online presences (websites, online shops) that we operate

  • social media presences and e-mail communication

  • mobile apps for smartphones and other devices

In short, the privacy policy applies to all areas in which personal data is processed in a structured way in the company through the channels mentioned. If we enter into a legal relationship with you outside of these channels, we will inform you separately if necessary.

Legal basis

In the following privacy policy, we provide you with transparent information on the legal principles and regulations, i.e. the legal basis of the General Data Protection Regulation, that enable us to process personal data.
As far as EU law is concerned, we refer to the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can, of course, read this EU General Data Protection Regulation online at EUR-Lex, the access to EU law, at https://eur-lex.europa. eu/legal-content/EN/ALL/?uri=celex%3A32016R0679.

We only process your data if at least one of the following conditions applies:

  1. Consent (Article 6 (1) (a) GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of the data you entered in a contact form.

  2. Contract (Article 6 (1) (b) GDPR): We process your data in order to fulfil a contract or pre-contractual obligations with you. For example, if we enter into a sales contract with you, we require personal information in advance.

  3. Legal obligation (Article 6 (1) (c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally required to keep invoices for accounting purposes. These usually contain personal data.

  4. Legitimate interests (Article 6 (1) (f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and efficiently. This processing is therefore a legitimate interest.

Other conditions, such as the exercise of public interest and public authority, as well as the protection of vital interests, do not usually arise for us. Insofar as such a legal basis should be relevant, however, this will be indicated at the appropriate point.

In addition to the EU regulation, national laws also apply:

  • In Austria, this is the Federal Data Protection Act (Datenschutzgesetz), or DSG for short.

  • In Germany, the Federal Data Protection Act (Bundesdatenschutzgesetz) or BDSG for short applies.

If further regional or national laws apply, we will inform you about them in the following sections.

Contact details of the controller

If you have any questions about data protection or the processing of personal data, you will find the contact details of the person responsible below in accordance with Article 4 (7) of the EU General Data Protection Regulation (GDPR):
Kultique GmbH
Tom Trebert
Mühldorfstrasse 15
5310 Tiefgraben
Austria
Authorised to represent: Tom Trebert
E-mail: tom@kultique.com
Phone: +43 6604409378
Imprint: https://www.himmel-blau.at/impressum/

Storage duration

We generally only store personal data for as long as is absolutely necessary to provide our services and products. This means that we delete personal data as soon as the reason for processing the data no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased to apply, for example for accounting purposes.

Should you wish to have your data deleted or revoke your consent to data processing, the data will be deleted as quickly as possible and insofar as there is no obligation to store it.

We will inform you below about the specific duration of the respective data processing, provided that we have further information.

Rights under the General Data Protection Regulation

In accordance with Articles 13 and 14 of the GDPR, we will inform you about the following rights to which you are entitled in order to ensure fair and transparent data processing:

  • According to Article 15 of the GDPR, you have the right to obtain confirmation as to whether or not we are processing your data. If that is the case, you have the right to receive a copy of the data and to be informed of the following information:

    • the purpose of the processing;

    • the categories, i.e. the types of data being processed;

    • who receives the data and, if the data is transferred to third countries, how security can be guaranteed;

    • how long the data will be stored;

    • the existence of the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability and the right to lodge a complaint with a supervisory authority (links to these authorities can be found below)

    • the source of the data if we did not collect it from you;

    • whether profiling is carried out, i.e. whether data is automatically evaluated to create a personal profile of you.

  • According to Article 16 of the GDPR, you have the right to have your data rectified, which means that we must correct data if you find any errors.

  • According to Article 17 of the GDPR, you have the right to erasure (‘right to be forgotten’), which specifically means that you may request the deletion of your data.

  • According to Article 18 of the GDPR, you have the right to restrict processing, which means that we may only store the data but may not use it further.

  • According to Article 20 of the GDPR, you have the right to data portability, which means that we will provide you with your data in a common format upon request.

  • According to Article 21 of the GDPR, you have the right to object, which, if enforced, will result in a change in processing.

    • If the processing of your data is based on Article 6 (1) (e) (public interest, exercise of official authority) or Article 6 (1) (f) (legitimate interest), you may object to the processing. We will then check as soon as possible whether we can legally comply with this objection.

    • If data is used for direct marketing purposes, you can object to this type of data processing at any time. We will then no longer be allowed to use your data for direct marketing.

    • If data is used for profiling, you can object to this type of data processing at any time. We will then no longer be allowed to use your data for profiling.

  • According to Article 22 of the GDPR, you have the right not to be subject to a decision based solely on automated processing (e.g. profiling).

  • According to Article 77 of the GDPR, you have the right to lodge a complaint. This means that you can complain to the data protection authority at any time if you believe that the processing of personal data violates the GDPR.

In short: you have rights – do not hesitate to contact the responsible body listed above!

If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can complain to the supervisory authority. In Austria, this is the Data Protection Authority, whose website can be found at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The following local data protection authority is responsible for our company:

Austrian Data Protection Authority

Head: Dr. Matthias Schmidl
Address: Barichgasse 40-42, 1030 Vienna
Telephone number: +43 1 52 152-0
Email address: dsb@dsb.gv.at
Website: https://www.dsb.gv.at/

Data transfer to third countries

We only transfer or process data to countries outside the scope of the GDPR (third countries) if you consent to this processing or if there is some other legal permission to do so. This applies in particular if the processing is required by law or necessary to fulfil a contractual relationship and in any case only to the extent that this is generally permitted. In most cases, your consent is the most important reason for us to have data processed in third countries. The processing of personal data in third countries such as the USA, where many software companies offer services and have their server locations, can mean that personal data is processed and stored in unexpected ways.

We would like to explicitly point out that, in the opinion of the European Court of Justice, an adequate level of protection for data transferred to the USA currently only exists if a US company that processes personal data of EU citizens in the USA is an active participant in the EU-US Data Privacy Framework. You can find more information at: https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en

Data processing by US services that are not active participants in the EU-US Data Privacy Framework may result in data not being processed and stored anonymously. Furthermore, US government authorities may be able to access individual data. In addition, it may happen that collected data is linked to data from other services of the same provider, provided that you have a corresponding user account. Wherever possible, we try to use server locations within the EU, provided that this is offered.
We will inform you in more detail about data transfers to third countries where applicable at the appropriate places in this privacy policy.

Security of data processing

We have implemented both technical and organisational measures to protect personal data. Wherever possible, we encrypt or pseudonymise personal data. In doing so, we make it as difficult as possible for third parties to infer personal information from our data.

Art. 25 GDPR refers to ‘data protection through technology design and data protection-friendly default settings’ and means that security is always considered and appropriate measures are taken for both software (e.g. forms) and hardware (e.g. access to the server room). In the following, we will discuss specific measures if necessary.

TLS encryption with https

TLS, encryption and https sound very technical and they are. We use HTTPS (Hypertext Transfer Protocol Secure stands for ‘secure hypertext transfer protocol’) to transfer data securely over the internet.
This means that the complete transfer of all data from your browser to our web server is secured – nobody can ‘listen in’.

This means that we have introduced an additional layer of security and fulfil data protection through technology design (Article 25 (1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we can ensure the protection of confidential data.
You can recognise the use of this data transmission security by the small lock symbol in the top left of the browser, to the left of the Internet address (e.g. beispielseite.de) and the use of the https scheme (instead of http) as part of our Internet address.
If you would like to know more about encryption, we recommend a Google search for ‘Hypertext Transfer Protocol Secure wiki’ to get good links to further information.

Communication

Communication Summary
👥 Data subjects: All those who communicate with us by phone, email or online form
📓 Data processed: e.g. phone number, name, email address, data entered in forms. You can find more details about this for each type of contact used
🤝 Purpose: Handling communication with customers, business partners, etc.
📅 Storage duration: Duration of the business case and legal requirements
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. b GDPR (contract), Art. 6 para. 1 lit. f GDPR (legitimate interests)

If you contact us and communicate with us by phone, email or online form, personal data may be processed.

The data is processed for the purpose of handling and processing your question and the related business transaction. The data is stored for just as long as required by law.

Data subjects

The above processes affect all those who seek to contact us via the communication channels we provide.

Telephone

When you call us, the call data is stored pseudonymously on the respective end device and at the telecommunications provider used. In addition, data such as name and telephone number can be sent by email and stored to answer the enquiry. The data will be deleted as soon as the business case has been closed and legal requirements permit.

Email

When you communicate with us by email, data may be stored on the respective end device (computer, laptop, smartphone, etc.) and data is stored on the email server. The data will be deleted as soon as the business case has been closed and legal requirements permit.

Online forms

If you communicate with us using an online form, data is stored on our web server and, if necessary, forwarded to one of our email addresses. The data is deleted as soon as the business case has been closed and legal requirements permit.

Legal basis

The processing of data is based on the following legal bases:

  • Art. 6 para. 1 lit. a GDPR (consent): You give us consent to store your data and to use it for purposes related to the business transaction;

  • Art. 6 para. 1 lit. b GDPR (contract): there is a need for the fulfilment of a contract with you or a processor such as a telephone provider, or we need to process the data for pre-contractual activities such as preparing an offer;

  • Art. 6 para. 1 lit. f GDPR (legitimate interests): We want to handle customer enquiries and business communication in a professional manner. To do this, certain technical facilities such as e-mail programs, exchange servers and mobile phone operators are necessary to be able to operate efficiently.

Cookies

Cookies Summary
👥 Data subjects: visitors to the website
🤝 Purpose: depends on the cookie in question. You can find more details below or from the software manufacturer that sets the cookie.
📓 Data processed: depends on the cookie used. You can find more details below or from the software manufacturer that sets the cookie.
📅 Storage period: depending on the cookie in question, this can vary from hours to years
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit.f GDPR (legitimate interests)

What are cookies?

Our website uses HTTP cookies to store user-specific data.
To help you understand the following data protection declaration, we will explain below what cookies are and why they are used.

Whenever you surf the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: cookies are really useful little helpers. Almost all websites use cookies. To be more precise, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, which is the ‘brain’ of your browser, so to speak. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you return to our site, your browser transmits the ‘user-related’ information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are accustomed to. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file.

The following graphic shows a possible interaction between a web browser such as Chrome and the web server. The web browser requests a website and receives a cookie from the server, which the browser reuses as soon as another page is requested.
 

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie is to be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programmes and do not contain viruses, Trojans or other ‘pests’. Cookies also cannot access information on your PC.

For example, cookie data may look like this:

Name: _ga
Value: GA1.2.1326744211.152112968710-9
Purpose: Distinguishing between website visitors
Expiry date: after 2 years

A browser should be able to support these minimum sizes:

  • At least 4096 bytes per cookie

  • At least 50 cookies per domain

  • At least 3000 cookies in total

What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is explained in the following sections of the data protection declaration. At this point, we would like to briefly discuss the different types of HTTP cookies.

There are four types of cookies:

Essential cookies
These cookies are necessary to ensure the basic functionality of the website. For example, these cookies are needed when a user places a product in the shopping cart, then continues surfing on other pages and only proceeds to checkout later. These cookies ensure that the shopping cart is not deleted even if the user closes their browser window.

Functional cookies
These cookies collect information about user behaviour and whether the user receives any error messages. These cookies also measure the loading time and how the website behaves in different browsers.

Targeted cookies
These cookies ensure a better user experience. For example, they store information about the locations entered, font sizes or form data.

Advertising cookies
These cookies are also called targeting cookies. They are used to deliver customised advertising to the user. This can be very useful, but it can also be very annoying.

Usually, when you visit a website for the first time, you will be asked which of these types of cookies you wish to allow. And, of course, this decision is also stored in a cookie.

If you want to know more about cookies and are not afraid of technical documentation, we recommend https://datatracker.ietf.org/doc/html/rfc6265 the Internet Engineering Task Force's (IETF) Request for Comments called ‘HTTP State Management Mechanism’.

Purpose of processing via cookies

The purpose ultimately depends on the cookie in question. You can find more details below or from the manufacturer of the software that sets the cookie.

What data is processed?

Cookies are little helpers for many different tasks. Unfortunately, it is not possible to generalise about what data is stored in cookies, but we will inform you about the processed or stored data in the context of the following data protection declaration.

How long cookies are stored

The storage period depends on the cookie in question and is explained in more detail below. Some cookies are deleted after less than an hour, while others can remain stored on a computer for several years.

You can also influence the storage duration yourself. You can manually delete all cookies at any time via your browser (see also ‘Right to object’ below). Furthermore, cookies that are based on consent will be deleted at the latest after you withdraw your consent, although the lawfulness of the storage remains unaffected until then.

Right to object – how can I delete cookies?

You decide how and whether you want to use cookies. Regardless of the service or website the cookies come from, you always have the option to delete, disable or only partially allow cookies. For example, you can block third-party cookies but allow all other cookies.

If you want to determine which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Deleting, activating and managing cookies in Chrome

Safari: Managing cookies and website data with Safari

Firefox: Deleting cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you do not want any cookies at all, you can set up your browser to always notify you when a cookie is about to be placed. This way, you can decide for each individual cookie whether or not to allow it. The procedure varies depending on the browser. The best approach is to search for instructions in Google using the search term ‘delete cookies Chrome’ or ‘disable cookies Chrome’ if you use a Chrome browser.

Legal basis

The so-called ‘Cookie Guidelines’ have been in place since 2009. These stipulate that the storage of cookies requires your consent (Article 6 (1) (a) GDPR). However, there are still very different reactions to these guidelines within EU countries. In Austria, however, this guideline was implemented in § 165 (3) of the Telecommunications Act (2021). In Germany, the cookie guidelines were not implemented as national law. Instead, the directive was largely implemented in Section 15 (3) of the Telemedia Act (TMG), which has been replaced by the Digital Services Act (DDG) since May 2024.

For absolutely necessary cookies, even if consent has not been given, legitimate interests exist (Article 6 (1) (f) GDPR), which in most cases are of an economic nature. We want to provide visitors to the website with a pleasant user experience, and certain cookies are often essential for this.

If cookies that are not absolutely necessary are used, this will only be done if you give your consent. The legal basis for this is Art. 6 para. 1 lit. a GDPR.

In the following sections, you will be informed in more detail about the use of cookies, provided that the software used employs cookies.

Web hosting Introduction

Web hosting Summary
👥 Data subjects: visitors to the website
🤝 Purpose: professional hosting of the website and safeguarding of operations
📓 Processed data: IP address, time of website visit, browser used and other data. You can find more details below or from the respective web hosting provider.
📅 Storage period: depending on the respective provider, but usually 2 weeks
⚖️ Legal basis: Art. 6 para. 1 lit.f GDPR (legitimate interests)

What is web hosting?

When you visit websites these days, certain information – including personal data – is automatically created and stored, and this is also the case on this website. This data should be processed as sparingly as possible and only with justification. Incidentally, by website we mean the totality of all web pages on a domain, i.e. everything from the home page (homepage) to the very last subpage (like this one). A domain is something like example.de or example.com.

If you want to view a website on a computer, tablet or smartphone, you use a programme called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari. We'll just call them browsers or web browsers for short.

To display the website, the browser has to connect to another computer where the website code is stored: the web server. Operating a web server is a complicated and expensive task, which is why it is usually done by professional providers. They offer web hosting and thus ensure that website data is stored reliably and without errors. A whole bunch of technical terms, but please stay tuned, it's going to get even better!

When the browser connects to your computer (desktop, laptop, tablet or smartphone) and during the data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, and on the other hand, the web server must also store data for a while to ensure proper operation.

A picture is worth a thousand words, so the following graphic illustrates the interaction between the browser, the internet and the hosting provider.

 

Why do we process personal data?

The purposes of data processing are:

  1. Professional hosting of the website and safeguarding of operations

  2. to maintain operational and IT security

  3. Anonymous evaluation of access behaviour to improve our services and, if necessary, for criminal prosecution or the pursuit of claims.

What data is processed?

Even as you visit our website right now, our web server, which is the computer on which this website is stored, usually automatically stores data such as

  • the complete internet address (URL) of the website accessed

  • browser and browser version (e.g. Chrome 87)

  • the operating system used (e.g. Windows 10)

  • the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen/)

  • the host name and IP address of the device from which the access is made (e.g. computer name and 194.23.43.121)

  • Date and time

  • in files, the so-called web server log files

How long is data stored?

In general, the above data is stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out the possibility that it may be viewed by the authorities in the event of unlawful behaviour.

In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not pass on your data without your consent!

Legal basis

The lawfulness of the processing of personal data in the context of web hosting arises from Art. 6 para. 1 lit. f GDPR (protection of legitimate interests), because the use of professional hosting with a provider is necessary to present the company securely and in a user-friendly way on the internet and to be able to track attacks and claims arising from them if necessary.

We usually have a contract with the hosting provider for order processing in accordance with Art. 28 f. GDPR, which ensures compliance with data protection and guarantees data security.

External web hosting provider data protection declaration

Below you will find the contact details of our external hosting provider, where you can find out more about data processing in addition to the information above:

Wix.com Ltd.
40 Namal Tel Aviv St.
Tel Aviv, 6350671, Israel

📞 Phone: +1 415-639-9034
📧 Email: privacy@wix.com

You can find out more about data processing at this provider in the privacy policy.

Web Analytics Introduction

Web Analytics Privacy Policy Summary
👥 Data subjects: visitors to the website
🤝 Purpose: Evaluation of visitor information to optimise the website.
📓 Processed data: Access statistics containing data such as location of access, device data, access duration and time, navigation behaviour, click behaviour and IP addresses. You can find more details about this for each web analytics tool used.
📅 Storage period: depending on the web analytics tool used
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is web analytics?

We use software on our website to evaluate the behaviour of website visitors, known as web analytics or web analysis for short. This involves collecting data that the respective analytic tool provider (also known as a tracking tool) stores, manages and processes. The data is used to create analyses of user behaviour on our website and made available to us as the website operator. In addition, most tools offer various testing options. This allows us to test, for example, which offers or content are best received by our visitors. To do this, we show you two different offers for a limited period of time. After the test (so-called A/B test), we know which product or content our website visitors find more interesting. For such test procedures, as well as for other analytics procedures, user profiles can also be created and the data stored in cookies.

Why do we use web analytics?

We have a clear goal in mind with our website: we want to provide the best web offering on the market for our industry. To achieve this goal, we want to offer the best and most interesting range of products on the one hand, while also making sure that you feel completely at home on our website. With the help of web analysis tools, we can take a closer look at the behaviour of our website visitors and then improve our web offering for you and us accordingly. For example, we can see the average age of our visitors, where they come from, when our website is most frequently visited and which content or products are particularly popular. All this information helps us to optimise the website and thus adapt it to your needs, interests and wishes.

What data is processed?

Exactly which data is stored depends, of course, on the analysis tools used. But as a rule, for example, the content you view on our website, the buttons or links you click on, when you access a page, which browser you use, with which device (PC, tablet, smartphone, etc.) you visit the website or which computer system you use. If you have agreed that location data may also be collected, this data can also be processed by the web analysis tool provider.

Your IP address is also stored. According to the General Data Protection Regulation (GDPR), IP addresses are personal data. However, your IP address is usually stored in pseudonymised form (i.e. in an unrecognisable and abbreviated form). In principle, no direct data, such as your name, age, address or email address, is stored for the purposes of testing, web analysis and web optimisation. All this data, if collected at all, is stored in pseudonymised form. This means that you cannot be identified as a person.

The following example shows how Google Analytics works as an example of client-based web tracking with JavaScript code.

 

How long the respective data is stored always depends on the provider. Some cookies store data only for a few minutes or until you leave the website, other cookies can store data for several years.

Duration of data processing

We will inform you about the duration of data processing below, provided that we have further information. In general, we process personal data only for as long as it is absolutely necessary to provide our services and products. If it is legally required, as for example in the case of accounting, this storage period may also be exceeded.

Right of objection

You have the right and the option to revoke your consent to the use of cookies or third-party providers at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.

Legal basis

The use of web analytics requires your consent, which we have obtained with our cookie popup. According to Art. 6 para. 1 lit. a GDPR (consent), this consent is the legal basis for the processing of personal data, as may occur when collected by web analytics tools.

In addition to consent, we have a legitimate interest in analysing the behaviour of website visitors and thus improving our offering both technically and economically. With the help of web analytics, we can detect website errors, identify attacks and improve efficiency. The legal basis for this is Art. 6 para. 1 lit. f DSGVO (legitimate interests). However, we only use the tools if you have given your consent.

Since cookies are used for web analytics tools, we also recommend that you read our general data protection declaration on cookies. To find out exactly which of your data are stored and processed, you should read the data protection declarations of the respective tools.

Information on special web analytics tools, if available, can be found in the following sections.

Google Analytics data protection declaration

Google Analytics data protection declaration summary
👥 Affected parties: visitors to the website
🤝 Purpose: Evaluation of visitor information to optimise the website.
📓 Processed data: Access statistics containing data such as location of access, device data, access duration and time, navigation behaviour and click behaviour. You can find more details on this below in this data protection declaration.
📅 Storage duration: individually adjustable, by default Google Analytics stores 4 data for 14 months
⚖️ Legal basis: Art. 6 para. 1 lit. a DSGVO (consent), Art. 6 para. 1 lit. f DSGVO (legitimate interests)

What is Google Analytics?

We use the analysis tracking tool Google Analytics in the Google Analytics 4 (GA4) version of the American company Google Inc. on our website. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services in Europe. Google Analytics collects data about your actions on our website. Through the combination of various technologies such as cookies, device IDs and login information, you can be identified as a user across different devices. This means that your actions can also be analysed across platforms.

For example, when you click on a link, this event is stored in a cookie and sent to Google Analytics. The reports we receive from Google Analytics help us to better tailor our website and services to your needs. In the following, we will discuss the tracking tool in more detail and, in particular, inform you about what data is processed and how you can prevent this.

Google Analytics is a tracking tool that is used to analyse the data traffic on our website. These measurements and analyses are based on a pseudonymous user identification number. This number does not contain any personal data such as your name or address, but is used to assign events to a device. GA4 uses an event-based model that collects detailed information about user interactions such as page views, clicks, scrolling and conversion events. In addition, various machine learning functions have been built into GA4 to better understand user behaviour and certain trends. GA4 relies on modelling with the help of machine learning functions. This means that missing data can be extrapolated on the basis of the collected data in order to optimise the analysis and also to be able to make forecasts.

To make Google Analytics work, a tracking code is built into the code of our website. When you visit our website, this code records various events that you carry out on our website. With the event-based data model of GA4, we as website operators can define and track specific events in order to obtain analyses of user interactions. This means that, in addition to general information such as clicks or page views, special events that are important for our business can also be tracked. Such special events can, for example, be sending a contact form or purchasing a product.

As soon as you leave our website, this data is sent to the Google Analytics server and stored there.

Google processes the data and we receive reports about your user behaviour. These reports can include, but are not limited to, the following:

  • Target group reports: Target group reports help us get to know our users better and give us a more precise idea of who is interested in our service.

  • Display reports: Display reports help us analyse and improve our online advertising.

  • Acquisition reports: Acquisition reports provide us with helpful information on how we can attract more people to our service.

  • Behavioural reports: These reports tell us how you interact with our website. We can see which links you click on and the path you take through our site.

  • Conversion reports: A conversion is when you perform a desired action in response to a marketing message. For example, when you go from being a mere website visitor to a buyer or newsletter subscriber. These reports help us learn more about how our marketing efforts reach you. This is how we want to increase our conversion rate.

  • Real-time reports: These always tell us immediately what is happening on our website. For example, we can see how many users are currently reading this text.

In addition to the above-mentioned analysis reports, Google Analytics 4 also offers the following functions, among others:

  • Event-based data model: This model records very specific events that may take place on our website. For example, playing a video, purchasing a product or registering for our newsletter.

  • Advanced analytics: These functions enable us to better understand your behaviour on our website or certain general trends. For example, we can segment user groups, perform comparative analyses of target groups or track your path on our website.

  • Predictive modelling: Based on collected data, machine learning can be used to extrapolate missing data that predicts future events and trends. This can help us to develop better marketing strategies.

  • Cross-platform analysis: Data can be collected and analysed from both websites and apps. This offers us the opportunity to analyse user behaviour across platforms, provided that you have consented to the data processing.

Why do we use Google Analytics on our website?

Our goal with this website is clear: we want to offer you the best possible service. The statistics and data from Google Analytics help us to achieve this goal.

The statistically evaluated data show us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimise our site so that it is easier for interested people to find on Google. On the other hand, the data helps us to better understand you as a visitor. This means we know exactly what we need to improve on our website to offer you the best possible service. The data also helps us to carry out our advertising and marketing measures in a more individual and cost-effective way. After all, it only makes sense to show our products and services to people who are interested in them.

What data is stored by Google Analytics?

Google Analytics uses a tracking code to create a random, unique ID that is associated with your browser cookie. This is how Google Analytics recognises you as a new user and assigns you a user ID. The next time you visit our site, you will be recognised as a ‘returning’ user. All the data collected is stored together with this user ID. This is what makes it possible to evaluate pseudonymous user profiles.

To analyse our website with Google Analytics, a property ID must be added to the tracking code. The data is then saved in the corresponding property. The Google Analytics 4 property is standard for each newly created property. Depending on the property used, data is stored for different lengths of time.

Your interactions are measured across platforms through identifiers such as cookies, app instance IDs, user IDs or custom event parameters, provided you have given your consent. Interactions are all types of actions that you perform on our website. If you also use other Google systems (such as a Google account), data generated by Google Analytics can be linked to third-party cookies. Google does not share any Google Analytics data unless we, as the website operator, authorise it. Exceptions may occur if required by law.

According to Google, IP addresses are not logged or stored in Google Analytics 4. However, Google uses the IP address data to derive location data and deletes it immediately afterwards. All IP addresses collected from users in the EU are therefore deleted before the data is stored in a data centre or on a server.

Since Google Analytics 4 focuses on event-based data, the tool uses significantly fewer cookies than previous versions (such as Google Universal Analytics). Nevertheless, there are some specific cookies that are used by GA4. These include, for example:

Name: _ga
Value: 2.1326744211.152112968710-5
Purpose: By default, analytics.js uses the _ga cookie to store the user ID. It is used to distinguish between website visitors.
Expiry date: after 2 years

Name: _gid
Value: 2.1687193234.152112968710-1
Purpose: The cookie is also used to distinguish between website visitors
Expiry date: after 24 hours

Name: _gat_gtag_UA_<property-id>
Value: 1
Purpose: Used to lower the request rate. If Google Analytics is provided through Google Tag Manager, this cookie is named _dc_gtm_ <property-id>.
Expiry date: after 1 minute

Note: This list does not claim to be complete, as Google keeps changing the way it names its cookies. The aim of GA4 is also to improve data protection. Therefore, the tool offers some options for controlling data collection. For example, we can define the storage period ourselves and also control data collection.

Here is an overview of the main types of data collected by Google Analytics:

Heatmaps: Google creates so-called heatmaps. Heatmaps show you exactly the areas that you click on. This way we get information about where you are ‘travelling’ on our site.

Session duration: Google defines the session duration as the time you spend on our site without leaving it. If you are inactive for 20 minutes, the session ends automatically.

Bounce rate: A bounce occurs when you view only one page on our website and then leave our website.

Account creation: If you create an account or place an order on our website, Google Analytics collects this data.

Location: IP addresses are not logged or stored in Google Analytics. However, shortly before the IP address is deleted, derivations are used for location data.

Technical information: Technical information includes, among other things, your browser type, your internet service provider or your screen resolution.

Source: Google Analytics and we are naturally also interested in which website or which advertisement you used to come to our site.

Further data includes contact data, any ratings, playing media (e.g. if you play a video on our site), sharing content via social media or adding to your favourites. The list is not exhaustive and is only intended to provide a general overview of how Google Analytics stores data.

How long and where is the data stored?

Google has servers all over the world. You can find out exactly where the Google data centres are located here: https://www.google.com/about/datacenters/locations/?hl=de

Your data is distributed across a number of physical storage devices. This has the advantage that the data can be retrieved more quickly and is better protected against manipulation. Each Google data centre has appropriate disaster recovery programmes for your data. If, for example, Google's hardware fails or natural disasters cripple servers, the risk of service interruption at Google remains low.

The retention period for the data depends on the properties used. The storage period is always defined separately for each individual property. Google Analytics offers us four options for controlling the storage period:

  • 2 months: this is the shortest storage period.

  • 14 months: by default, GA4 stores the data for 14 months.

  • 26 months: the data can also be stored for 26 months.

  • Data is only deleted if we delete it manually.

In addition, there is also the option that data will only be deleted if you no longer visit our website within the period we have selected. In this case, the retention period is reset each time you visit our website again within the specified period.

Once the specified time period has passed, the data is deleted once a month. This retention period applies to your data associated with cookies, user-ID and advertising IDs (e.g. cookies from the DoubleClick domain). Reporting results are based on aggregated data and are stored independently of user data. Aggregated data is a merging of individual data into a larger unit.

How can I delete my data or prevent data storage?

According to the data protection law of the European Union, you have the right to receive information about your data, to update it, to delete it or to restrict it. You can use the browser add-on to deactivate Google Analytics JavaScript (analytics.js, gtag.js) to prevent Google Analytics 4 from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de. Please note that this add-on only deactivates data collection by Google Analytics.

If you generally wish to deactivate, delete or manage cookies, you will find the corresponding links to the respective instructions for the most popular browsers in the ‘Cookies’ section.

Legal basis

The use of Google Analytics requires your consent, which we have obtained with our cookie popup. This consent is the legal basis for the processing of personal data, as may occur during its collection by web analytics tools, in accordance with Article 6(1)(a) of the GDPR (consent).

In addition to consent, we have a legitimate interest in analysing the behaviour of website visitors and thus improving our offering both technically and economically. With the help of Google Analytics, we can detect website errors, identify attacks and improve efficiency. The legal basis for this is Art. 6 para. 1 lit. f DSGVO (legitimate interests). However, we only use Google Analytics if you have given your consent.

Google processes your data in the United States, among other places. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the United States. You can find more information at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

In addition, Google uses standard contractual clauses (Art. 46 (2) and (3) GDPR). Standard Contractual Clauses (SCC) are templates provided by the EU Commission to ensure that your data also meets European data protection standards when it is transferred to and stored in third countries (such as the US). Through the EU-US Data Privacy Framework and the standard contractual clauses, Google is obliged to comply with the European data protection level when processing your relevant data, even if the data is stored, processed and managed in the United States. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

We hope we have been able to provide you with the most important information about Google Analytics data processing. If you would like to learn more about the tracking service, we recommend these two links: https://marketingplatform.google.com/about/analytics/terms/de/ and https://support.google.com/analytics/answer/6004245?hl=de.

If you want to learn more about data processing, please use Google's privacy policy at https://policies.google.com/privacy?hl=de.

Google Optimize privacy policy

We use Google Optimize, a website optimisation tool, on our website. The service provider is the American company Google Inc. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services in Europe.

Google also processes your data in the United States, among other places. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the US. You can find more information at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

In addition, Google uses standard contractual clauses (Art. 46 (2) and (3) GDPR). Standard Contractual Clauses (SCC) are templates provided by the EU Commission to ensure that your data also meets European data protection standards when it is transferred to and stored in third countries (such as the US). Through the EU-US Data Privacy Framework and the standard contractual clauses, Google is obliged to comply with the European data protection level when processing your relevant data, even if the data is stored, processed and managed in the United States. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

You can find out more about the data processed by using Google Optimize in the privacy policy at https://policies.google.com/privacy?hl=de.

Online marketing Introduction

Online marketing data protection declaration Summary
👥 Data subjects: visitors to the website
🤝 Purpose: evaluation of visitor information to optimise the website.
📓 Processed data: Access statistics containing data such as location of access, device data, access duration and time, navigation behaviour, click behaviour and IP addresses. Personal data such as name or email address may also be processed. You can find more details about this in the online marketing tool used.
📅 Storage duration: depending on the online marketing tools used
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit.f GDPR (legitimate interests)

What is online marketing?

Online marketing refers to all measures that are carried out online to achieve marketing goals such as increasing brand awareness or closing a business deal. Furthermore, our online marketing measures aim to draw people's attention to our website. In order to be able to show our offer to as many interested people as possible, we therefore engage in online marketing. This usually involves online advertising, content marketing or search engine optimisation. To ensure that we can use online marketing efficiently and in a targeted manner, personal data is also stored and processed. On the one hand, the data helps us to show our content only to those people who are really interested in it, and on the other hand, we can measure the advertising success of our online marketing measures.

Why do we use online marketing tools?

We want to show our website to everyone who is interested in what we have to offer. We are aware that this is not possible without consciously implemented measures. That is why we do online marketing. There are various tools that make our online marketing measures easier for us and also provide suggestions for improvement based on data. This enables us to tailor our campaigns more precisely to our target group. The purpose of these online marketing tools is ultimately to optimise our offering.

What data is processed?

In order for our online marketing to work and for the success of the measures to be measured, user profiles are created and data is stored in cookies (small text files), for example. With the help of this data, we can not only place advertising in the classic sense, but also display our content in the way you prefer, directly on our website. There are various third-party tools that offer these functions and also collect and store data from you accordingly. The cookies mentioned, for example, store which pages you have visited on our website, how long you have viewed these pages, which links or buttons you click or from which website you came to us. In addition, technical information may also be stored. For example, your IP address, which browser you are using, from which device you are visiting our website or the time when you accessed our website and when you left it again. If you have given us your consent to also determine your location, we can also store and process this.

Your IP address is stored in pseudonymised form (i.e. shortened). Unique data that directly identifies you as a person, such as your name, address or email address, is only stored in pseudonymised form as part of advertising and online marketing procedures. We are therefore unable to identify you as a person; we only have the pseudonymised, stored information stored in the user profiles.

The cookies may also be used, analysed and used for advertising purposes on other websites that work with the same advertising tools. The data can then also be stored on the servers of the advertising tool providers.

In exceptional cases, unique data (names, email addresses, etc.) may also be stored in the user profiles. This storage occurs, for example, if you are a member of a social media channel that we use for our online marketing measures and the network connects data that has already been entered with the user profile.

For all advertising tools we use that store your data on their servers, we only ever receive summarised information and never data that makes you identifiable as an individual. The data merely shows how well advertising measures worked. For example, we see which measures prompted you or other users to come to our website and purchase a service or product there. Based on the analyses, we can improve our advertising offer in the future and adapt it even more precisely to the needs and wishes of interested persons.

Duration of data processing

We will inform you about the duration of the data processing below, provided that we have further information. In general, we process personal data only as long as it is absolutely necessary for the provision of our services and products. Data stored in cookies is stored for different lengths of time. Some cookies are deleted as soon as you leave the website, while others may be stored in your browser for several years. The respective data protection declarations of the individual providers usually provide you with detailed information about the individual cookies used by the provider.

Right of objection

You also have the right and the option at any time to revoke your consent to the use of cookies or third-party providers. This can be done either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser. The lawfulness of the processing up to the point of revocation remains unaffected.

Since cookies can generally be used with online marketing tools, we also recommend that you read our general data protection statement about cookies. To find out exactly which of your data are stored and processed, you should read the data protection statements of the respective tools.

Legal basis

If you have given your consent for third-party providers to be used, this consent is the legal basis for the corresponding data processing. According to Art. 6 (1) point a GDPR (Consent), this consent constitutes the legal basis for the processing of personal data, as may occur during collection by online marketing tools.

We also have a legitimate interest in measuring online marketing measures in anonymised form in order to optimise our services and measures with the help of the data obtained. The corresponding legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). However, we only use the tools if you have given your consent.

Information on specific online marketing tools, where available, can be found in the following sections.

Google Marketing Platform (formerly: DoubleClick) Privacy Policy

We use Google Marketing Platform products on our website. These include various marketing tools such as Data Studio, Surveys, Campaign Manager 360, Display & Video 360 or Search Ads 360. The service provider is the American company Google Inc. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services in Europe.

Google also processes your data in the USA, among other places. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the US. You can find more information at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

In addition, Google uses standard contractual clauses (Art. 46 (2) and (3) GDPR). Standard Contractual Clauses (SCC) are templates provided by the EU Commission to ensure that your data also meets European data protection standards when it is transferred to and stored in third countries (such as the US). Through the EU-US Data Privacy Framework and the standard contractual clauses, Google is obliged to comply with the European data protection level when processing your relevant data, even if the data is stored, processed and managed in the United States. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

You can find out more about the data processed when using Google Marketing Platform products in the privacy policy at https://business.safety.google/intl/de/adsprocessorterms/.

LinkedIn Insight Tag Privacy Policy

LinkedIn Insight Tag Privacy Policy Summary
👥 Data subjects: visitors to the website
🤝 Purpose: to evaluate visitor information to optimise the website.
📓 Processed data: access statistics containing data such as access locations, device data, access duration and time, navigation behaviour, click behaviour and IP addresses. More details can be found below and in LinkedIn's privacy policy.
📅 Storage period: direct identifiers through LinkedIn Insight tag are removed within seven days
⚖️ Legal basis: Art. 6 para. 1 lit. a DSGVO (consent), Art. 6 para. 1 lit. f DSGVO (legitimate interests)

What is LinkedIn Insight Tag?

We use the conversion tracking tool LinkedIn Insight Tag on our website. The service provider is the American company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The company LinkedIn Ireland Unlimited (Wilton Place, Dublin 2, Ireland) is responsible for data protection issues in the European Economic Area (EEA), the EU and Switzerland.

When the tracking tool is embedded, data can be sent to LinkedIn, stored and processed there. In this privacy policy, we want to inform you about what data is involved, how the network uses this data and how you can manage or prevent the storage of data.

LinkedIn is the largest social network for business contacts. Unlike Facebook, for example, the company focuses exclusively on building business contacts. Companies can use the platform to present services and products and establish business relationships. Many people also use LinkedIn to search for jobs or to find suitable employees for their own company. In Germany alone, the network has over 11 million members. In Austria, there are about 1.3 million.

The LinkedIn conversion tracking tool is a small JavaScript code that we have integrated into our website. This function helps us to better tailor our advertising offer to your interests and needs. In the following article, we will explain in more detail why we use LinkedIn Insight Tag, what data is stored in the process, and how you can prevent this data storage.

Why do we use LinkedIn Insight Tag on our website?

We use LinkedIn Insight Tag to draw attention to our offer. The aim is to ensure that our advertising campaigns only reach people who are interested in our offers. With the LinkedIn Insight tag, we can collect detailed information about your website behaviour if you are also a LinkedIn member. This also allows us to see which keywords, ads, ad groups and campaigns on LinkedIn lead to the desired customer actions. We can see how many customers interact with our ads on a device and then perform a conversion. This data enables us to calculate our cost-benefit factor, measure the success of individual advertising measures and consequently optimise our online marketing measures. We can also use the data obtained to make our website more interesting for you and to adapt our advertising offer even more individually to your needs.

What data is stored by LinkedIn Insight Tag?

As mentioned above, we have integrated a conversion tracking tag or code snippet on our website to better analyse certain user actions. When you click on one of our LinkedIn ads, a cookie may be stored on your computer (usually in the browser) or mobile device. In principle, LinkedIn processes data using a combination of cookies and server-side functions.

As soon as you complete an action on the website, LinkedIn recognises the cookie and stores your action as a so-called conversion. As long as you surf on our website, we and LinkedIn recognise that you have found us via our LinkedIn ad. The cookie is read and sent back to LinkedIn with the conversion data. It is also possible that other cookies are used to measure conversions.

In addition to your IP address, the URL, referrer URL, device and browser properties and timestamp are also stored. The IP address is considered personal data and is shortened or hashed by LinkedIn.

You may be wondering what conversions actually are. A conversion occurs when you go from being a purely interested website visitor to an active visitor. This always happens when you click on our ad and then take another action, such as visiting our website or purchasing a product. With LinkedIn's conversion tracking tool, we capture what happens after a user clicks on our LinkedIn ad. For example, we can see if products are purchased, services are used, or if you have signed up for our newsletter, for example.

In addition, demographic data that you have provided in your LinkedIn profile may also be processed. This may include information about your occupation, geographical location, industry or company.

We receive a report from LinkedIn with statistical analyses. This tells us, for example, the total number of users who clicked on our ad and shows us which advertising measures were well received.

How long and where is the data stored?

In principle, LinkedIn retains your personal data for as long as the company considers it necessary to provide its services. However, LinkedIn deletes your personal data when you delete your account. In some exceptional cases, LinkedIn may retain some data in a summarised and anonymised form even after you have deleted your account.

Direct identifiers through LinkedIn Insight tags are removed within seven days to pseudonymise the data. The resulting pseudonymised data is deleted within 180 days.

The data is stored on different servers in America and probably also in Europe.

How can I delete my data or prevent data storage?

You have the right to access and delete your personal data at any time.

You have the option not to participate in LinkedIn's conversion tracking. If you disable the Google conversion tracking cookie via your browser or do not consent to data processing via the Consent Manager (pop-up), you block conversion tracking. In this case, you will not be included in the tracking tool's statistics. You can change the cookie settings in your browser at any time. This works a little differently for each browser. You will find the corresponding links to the instructions for the most popular browsers under the ‘Cookies’ section.

You can also manage, change and delete your data in your LinkedIn account. You can also request a copy of your personal data from LinkedIn.

This is how you access the account data in your LinkedIn profile:

In LinkedIn, click on your profile symbol and select the ‘Settings and privacy’ section. Now click on ‘Privacy’ and then in the ‘How LinkedIn uses your data’ section, click on ‘Change’. You can quickly download selected data about your web activity and account history.

Legal basis

If you have given your consent for the LinkedIn Insight tag to be used, this consent is the legal basis for the corresponding data processing. According to Art. 6 para. 1 lit. a DSGVO (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when it is collected by the LinkedIn Insight tag.

We also have a legitimate interest in using the LinkedIn Insight tag to optimise our online service and our marketing measures. The corresponding legal basis for this is Art. 6 (1) point f GDPR (legitimate interests). However, we only use the LinkedIn Insight tag if you have given your consent.

LinkedIn also processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This may be associated with various risks for the legality and security of data processing.

As a basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer to such recipients, LinkedIn uses so-called standard contractual clauses (= Art. 46. Para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are designed to ensure that your data also meets European data protection standards when it is transferred to and stored in third countries (such as the USA). These clauses oblige LinkedIn to comply with the European data protection level when processing your relevant data, even if the data is stored, processed and managed in the United States. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

More information about the standard contractual clauses for LinkedIn can be found at https://de.linkedin.com/legal/l/dpaor https://www.linkedin.com/legal/l/eu-sccs

You can find out more about LinkedIn Insight Tag at https://www.linkedin.com/help/linkedin/answer/a427660. You can also find out more about the data processed through the use of LinkedIn Insight Tag in the privacy policy at https://de.linkedin.com/legal/privacy-policy.

Explanation of terms used

We always try to make our privacy policy as clear and understandable as possible. However, this is not always easy, especially when it comes to technical and legal topics. It often makes sense to use legal terms (such as personal data) or certain technical terms (such as cookies, IP address). However, we do not want to use these without explanation. Below you will find an alphabetical list of important terms used that we may not have adequately addressed in the previous data protection declaration. If these terms have been taken from the GDPR and are definitions, we will also provide the GDPR texts here and, if necessary, add our own explanations.

Processor

Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the following definition shall apply:

‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

Explanation: As a company and website owner, we are responsible for all the data we process about you. In addition to the controllers, there may also be so-called processors. These include any company or person that processes personal data on our behalf. Consequently, processors can be, in addition to service providers such as tax advisors, hosting or cloud providers, payment or newsletter providers, or large companies such as Google or Microsoft.

Consent

Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term:

‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

Explanation: As a rule, such consent is given via a cookie consent tool on websites. You are bound to be familiar with this. Whenever you visit a website for the first time, you are usually asked via a banner whether you agree to or consent to the data processing. In most cases, you can also make individual settings and thus decide for yourself which data processing you allow and which you do not. If you do not consent, none of your personal data may be processed. Of course, consent can also be provided in writing, i.e. not via a tool.

Personal data

Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term

‘personal data’ refers to any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or to one or more special features that express the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person can be identified;

Explanation: Personal data is therefore all data that can identify you as a person. This is usually data such as:

  • Name

  • Address

  • Email address

  • Postal address

  • Telephone number

  • Date of birth

  • Identification numbers such as social security number, tax identification number, ID card number or matriculation number

  • Bank details such as account number, credit information, account balances and much more.

According to the European Court of Justice (ECJ), your IP address also counts as personal data. IT experts can use your IP address to determine at least the approximate location of your device and subsequently you as the subscriber. Therefore, the storage of an IP address also requires a legal basis in the sense of the GDPR. There are also so-called ‘special categories’ of personal data, which are also particularly worthy of protection. These include:

  • racial and ethnic origin

  • political opinions
     

Fill out the form below to receive more information

How would you like to be contacted?

Ihre E-Mail-Adresse ist bei uns sicher. Wir geben sie nicht weiter und versenden keine unerwünschten Nachrichten.

Call us directly on
+43 660 440 9378

© 2025 by Kultique GmbH

Notice

Kultique GmbH is responsible for the marketing of this property, but not for the property itself or the data mentioned in the exposé or on the website.

Privacy Policy
Imprint
bottom of page