• de
  • Privacy policy

    Status July 2021

     

    Table of contents

    1. Name and address of the responsible person
    2. Contact details of the data protection officer
    3. General information on data processing
    4. Rights of the data subject
    5. Provision of the website and creation of log files
    6. Use of essential cookies
    7. Use of cookie consent technology
    8. Use of other cookies
    9. Email contact
    10. Contact form
    11. Use of company presence in professional networks
    12. Hosting
    13. Used plugins

     

    1. name and address of the responsible person
    The responsible person within the meaning of the General Data Protection Regulation (DSGVO) and other data protection regulations is:
    CONCEDUS GmbH
    Schlehenstraße 6
    90542 Eckental
    Germany
    +49 9126 206 393 0
    info@concedus.com
    concedus.com

    2. contact details of the data protection officer
    The data protection officer of the responsible party is:
    Audit GmbH Karlsruhe Stuttgart
    Auditing company
    Heilbronner Street 41
    70191 Stuttgart
    Germany
    +49 711 222 13 14 16
    www.audit-wpg.com

    3. general information on data processing
    Scope of the processing of personal data
    As a matter of principle, we process personal data of our users only insofar as this is necessary to provide a functional website as well as our content and services. The processing of personal data of our users is regularly carried out only with the consent of the user concerned. An exception applies in those cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is required by legal regulations.

    SSL or TLS encryption

    For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

    If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

     

    Legal basis for the processing of personal data
    Insofar as we obtain the consent of the data subject for processing operations involving personal data, Article 6 (1) sentence 1 lit. a of the EU General Data Protection Regulation (DSGVO) serves as the legal basis.

    When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) p. 1 lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

    Insofar as processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 (1) p. 1 lit. c DSGVO serves as the legal basis.

    In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) p. 1 lit. d DSGVO serves as the legal basis.

    If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) p. 1 lit. f DSGVO serves as the legal basis for the processing.

     

    Data deletion and storage period
    The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may take place beyond this if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

     

    4. rights of the data subject
    If personal data is processed by you, you are a data subject within the meaning of the GDPR and you are entitled to the following rights against the controller:

    Right to information
    You may request confirmation from the controller as to whether personal data concerning you are being processed by it.

    If such processing is taking place, you may request information from the controller about the following:

    The purposes for which the personal data are processed;
    the categories of personal data which are processed;
    the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
    the planned duration of the storage of the personal data concerning you or, if concrete information on this is not possible, criteria for determining the storage period;
    the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
    the existence of a right of appeal to a supervisory authority;
    any available information about the origin of the data, if the personal data are not collected from the data subject;
    the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases – meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
    You have the right to request information about whether the personal data concerning you are transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 DSGVO in connection with the transfer.

     

    Right to rectification
    You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you are inaccurate or incomplete. The controller shall carry out the rectification without undue delay.

     

    Right to restriction of processing
    Under the following conditions, you may request the restriction of the processing of personal data concerning you:

    o         if you contest the accuracy of the personal data concerning you: for a period enabling the controller to verify the accuracy of the personal data;

    o         the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data;

    o         the controller no longer needs the personal data for the purposes of processing, but you need it for the establishment, exercise or defense of legal claims; or

    o         if you have objected to the processing pursuant to Article 21 (1) DSGVO and it is not yet clear whether the legitimate grounds of the controller outweigh your grounds.

    If the processing of personal data concerning you has been restricted, such data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.

    If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

     

    Right to erasure
    a) Obligation to erasure
    You may request the controller to erase the personal data concerning you without undue delay, provided that one of the following reasons applies:

    The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
    You revoke your consent on which the processing was based pursuant to Art. 6 (1) sentence 1 lit. a or Art. 9 (2) lit. a DSGVO and there is no other legal basis for the processing.
    You object to the processing pursuant to Art. 21 (1) DSGVO and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) DSGVO.
    The personal data concerning you has been processed unlawfully.
    The erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
    The personal data concerning you has been collected in relation to information society services offered pursuant to Article 8(1) of the GDPR.
    b) Information to third parties
    If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) of the GDPR, it shall take reasonable steps, including technical measures, having regard to the available technology and the cost of implementation, to inform data controllers which process the personal data that you, as the data subject, have requested that they erase all links to or copies or replications of such personal data.

    c) Exceptions
    The right to erasure does not exist to the extent that the processing is necessary

    For the exercise of the right to freedom of expression and information;
    for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
    for reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) DSGVO;
    for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89(1) DSGVO, insofar as the right referred to in section a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing; or
    for the assertion, exercise or defense of legal claims.

    Right to information (obligation to report afterwards).
    If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

    You have the right vis-à-vis the controller to be informed about these recipients.

     

    Right to data portability
    You have the right to receive the personal data concerning you that you have provided to the controller in a structured, common and machine-readable format. You also have the right to transfer this data to another controller without hindrance from the controller to whom the personal data was provided, provided that

    the processing is based on consent pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract pursuant to Art. 6 para. 1 sentence 1 lit. b DSGVO and
    the processing is carried out with the help of automated procedures.
    In exercising this right, you also have the right to have the personal data concerning you transferred directly from one controller to another controller, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.

    The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

    7. right to object

    You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6 (1) p. 1 lit. e or f DSGVO; this also applies to profiling based on these provisions.

    The controller will then no longer process the personal data concerning you, unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

    If the personal data concerning you is processed for the purposes of direct marketing, you have the right to object at any time to processing of the personal data concerning you for the purposes of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.

    If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

    You have the possibility, in connection with the use of information society services – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures using technical specifications.

    Right to revoke your declaration of consent under data protection law
    You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

    Right to complain to a supervisory authority
    Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

     

    5. provision of the website and creation of log files.
    Description and scope of data processing
    Each time our website is called up, our system automatically collects data and information from the computer system of the calling computer.

    The following data is collected in this context:

    o         Information about the browser type and the version used.

    o         The operating system of the user

    o         The IP address of the user

    o         Date and time of access

    o         Websites from which the user’s system accesses our website

    This data is stored in the log files of our system. These data are not stored together with other personal data of the user.

     

    Purpose of data processing
    The temporary storage of the IP address by the system is necessary to enable delivery of the website or its contents to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

    The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

    These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 p. 1 lit. f DSGVO.

     

    Legal basis for data processing
    The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 p. 1 lit. f DSGVO.

     

    Duration of storage
    The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

    In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

     

    Possibility of objection and removal
    The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

     

    6. use of cookies
    Description and scope of data processing
    Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

    We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change.

    The user data collected in this way is pseudonymized by technical precautions. Therefore, an assignment of the data to the calling user is no longer possible. The data is not stored together with other personal data of the users.#

     

    Purpose of data processing
    The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

    We require cookies for the following applications:

    o         Acceptance of language settings.

    The user data collected through technically necessary cookies are not used to create user profiles.

     

    Legal basis for data processing
    The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 p. 1 lit. f DSGVO.

    Duration of storage, possibility of objection and removal.
    Cookies are stored on the user’s computer and transmitted from it to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.

    If you use a Safari browser from version 12.1, cookies are automatically deleted after seven days. This also applies to opt-out cookies that are set to prevent tracking measures.

    7. use of cookie consent technology
    Scope of the processing of personal data
    We use the consent management platform Usercentrics of Usercentrics GmbH, Rosental 4, 80331 Munich, Germany (hereinafter referred to as Usercentrics). Usercentrics enables us to obtain and manage user consent for data processing and to document it in a legally compliant manner. Usercentrics sets cookies on the user’s terminal device for this purpose. The following data is processed in the process:

    – Date and time of the visit

    – device information

    – Browser information

    – Anonymized IP address

    – Opt-in data

    The data is thereby processed geographically in the European Union.

    For more information about the processing of data by Usercentrics, please click here:

    https://usercentrics.com/de/datenschutzerklaerung/

     

    Purpose of data processing
    The processing of personal data serves to comply with the legal obligations of the DSGVO and the BDSG while offering a functional website.

     

    Legal basis for the processing of personal data
    The legal basis for the processing of users’ personal data in connection with Usercentrics is Art. 6 para. 1 p.1 lit. c DSGVO (legal obligation) and Art. 6 para. 1 p.1 lit. f DSGVO. Our legitimate interest here lies in the purposes mentioned under 2.

     

    Duration of storage
    Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy, consent to storage has been revoked, or as required by law.

     

    Possibility of objection and elimination
    You can prevent the collection as well as the processing of your personal data by Usercentrics by preventing third-party cookies from being stored on your computer, by using the “Do Not Track” function of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

    For more information on objection and removal options vis-à-vis Usercentrics, please visit:

    https://usercentrics.com/de/datenschutzerklaerung/

    8. use of further cookies
    Furthermore, cookies are used on the one hand to make the website easier to use for the user, and on the other hand, their use is necessary for the smooth operation of some functions offered on the website (functional cookies).

    In addition, we use cookies for analysis purposes, for example, to show you personalized content (marketing cookies).

    In this context, we only use functional and marketing cookies with the consent of the user in the context of usercentrics on the basis of Art. 6 (1) lit. a DSGVO.

    A detailed description of the functional and marketing cookies can be found in the settings of the Cookie Consten technology (Usercentrics).

     

    9. email contact
    Description and scope of data processing
    On our website, it is possible to contact us via the email address provided. In this case, the user’s personal data transmitted with the email will be stored.

    The data is used exclusively for processing the conversation.

     

    Purpose of data processing
    In the case of contact by email, the purpose of data processing is to fulfill or respond to the request associated with the transmission of the email.

     

    Legal basis for data processing
    The legal basis for the processing of the data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent.

    The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 (1) lit. f DSGVO. If the email contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 p.1 lit. b DSGVO.

     

    Duration of storage
    The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is terminated when the circumstances indicate that the matter in question has been conclusively clarified.

    The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

    Possibility of objection and removal
    The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. The revocation is form-free and should preferably be directed to:

    datenschutz@concedus.com

    All personal data stored in the course of contacting us will be deleted in this case.

     

    10. contact form
    Description and scope of data processing
    A contact form is available on our website, which can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and stored.

    At the time the message is sent, the following data is stored:

    o         Email address

    o         surname

    o         first name

    o         Company and/or company name, if applicable

    o         Telephone / mobile phone number

    o         IP address of the calling computer

    o         Date and time of the contact

    o         Content of the contact form filled out by the user (subject/concern as well as free text field)

    For the processing of the data, your consent is obtained during the submission process and reference is made to this privacy policy.

    Alternatively, it is possible to contact us via the email address provided. In this case, the user’s personal data transmitted with the email will be stored.

    The data is used exclusively for processing the conversation. The transmission is SSL-encrypted.

     

    Purpose of data processing
    The processing of the personal data from the input mask serves us solely to process the contact. In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data.

    The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

     

    Legal basis for data processing
    The legal basis for the processing of the data is Art. 6 para. 1 p. 1 lit. a DSGVO if the user has given his consent.

    The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 p. 1 lit. f DSGVO. If the email contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 p. 1 lit. b DSGVO.

     

    Duration of storage
    The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.

    The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

     

    Possibility of objection and removal
    The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. The revocation is form-free and should preferably be directed to:

    datenschutz@concedus.com

    All personal data stored in the course of contacting us will be deleted in this case.

     

    11. use of company appearances in job-oriented networks
    Scope of data processing
    We use the possibility of company appearances on profession-oriented networks. We maintain a company presence on the following profession-oriented networks:

    LinkedIn:

    LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireland.

    On our site, we provide information and offer users the opportunity to communicate.

    The company presence is used for job applications, information/PR and active sourcing.

    We do not have any information on the processing of your personal data by the companies jointly responsible for the corporate presence. For more information, please refer to the privacy policy of:

    LinkedIn:

    https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

    If you carry out an action on our company website (e.g. comments, posts, likes, etc.), you may make personal data (e.g. clear name or photo of your user profile) public.

     

    Legal basis for data processing
    The legal basis for processing your data in connection with the use of our corporate presence is Art.6 para.1 p.1 lit. f DSGVO.

     

    Purpose of data processing
    Our corporate presence serves us to inform users about our services. In doing so, each user is free to publish personal data through activities.

     

    Duration of storage
    We store your activities and personal data published via our corporate presence until you revoke your consent. In addition, we comply with the statutory retention periods.

     

    Possibility of objection and removal
    You can object at any time to the processing of your personal data that we collect in the course of your use of our corporate presence and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal email to the email address stated in this data protection declaration.

    You can find more information on objection and removal options here:

    LinkedIn:

    https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

     

    12. hosting
    The website is hosted on our own servers. Third parties do not have access to server log files.

    The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:

    o         browser type and browser version

    o         operating system used

    o         referrer URL

    o         host name of the accessing computer

    o         date and time of the server request

    o         IP address

    A combination of this data with other data sources is not made. The collection of this data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log files must be collected.

    The location of the server of the website is geographically in Germany.

     

    13. plugins used
    We use plugins for various purposes. The plugins used are listed below:

    Use of Google Analytics

    Scope of the processing of personal data
    We use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter: Google). Google Analytics examines, among other things, the origin of visitors, the time they spend on individual pages, and the use of search engines, thus allowing better monitoring of the success of advertising campaigns. Google sets a cookie on your computer. This allows personal data to be stored and analyzed, in particular the activity of the user (especially which pages have been visited and which elements have been clicked on), device and browser information (especially the IP address and operating system), data about the advertisements displayed (especially which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (especially pseudonymized user IDs). The information generated by the cookie about your use of this online presence will be transmitted to and stored by Google on servers in the United States. In the event that IP anonymization is activated on this online presence, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

    On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our online presence.

    Further information on the processing of data by Google can be found here:

    https://policies.google.com/privacy?gl=DE&hl=de

     

    Purpose of data processing
    The purpose of processing personal data is to specifically address a target group that has already expressed an initial interest by visiting the site.

     

    Legal basis for the processing of personal data
    The legal basis for the processing of the users’ personal data is, in principle, the user’s consent in accordance with Art. 6 Para. 1 S.1 lit. a DSGVO.

     

    Duration of storage
    Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law. Advertising data in server logs is anonymized by Google deleting parts of the IP address and cookie information after 9 and 18 months, respectively, according to Google.

     

    Revocation and elimination options
    You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

    You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

    You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link:

    https://tools.google.com/dlpage/gaoptout?hl=de

    You can deactivate the use of your personal data by Google using the following link:

    https://adssettings.google.de

    For more information on opt-out and removal options vis-à-vis Google, please visit:

    https://policies.google.com/privacy?gl=DE&hl=de

     

    Use of Google Tag Manager

    Scope of the processing of personal data
    We use the Google Tag Manager (https://www.google.com/intl/de/tagmanager/) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). With the Google Tag Manager, tags of Google’s services and of third-party providers can be managed and bundled and embedded on an online presence. Tags are small code elements on an online presence that are used, among other things, to measure visitor numbers and behavior, to record the impact of online advertising and social channels, to use remarketing and targeting, and to test and optimize online presences. When a user visits the online presence, the current tag configuration is sent to the user’s browser. It contains instructions on which tags to trigger. Google Tag Manager takes care of triggering other tags, which in turn may collect data. Information on this can be found in the passages on the use of the corresponding services in this privacy policy. Google Tag Manager does not access this data.

    Further information on Google Tag Manager can be found at https://www.google.com/intl/de/tagmanager/faq.html

    and in Google’s privacy policy:

    https://policies.google.com/privacy?hl=de

     

    Purpose of data processing
    The purpose of the processing of personal data is the collected and clear management, as well as an efficient integration of third-party services.

     

    Legal basis for the processing of personal data
    The legal basis for the processing of the users’ personal data is basically the user’s consent according to Art. 6 para. 1 p.1 lit. a DSGVO.

     

    Duration of storage
    Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law. Advertising data in server logs is anonymized by Google deleting parts of the IP address and cookie information after 9 and 18 months, respectively, according to Google.

     

    Revocation and elimination options
    You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

    You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

    You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link:

    https://tools.google.com/dlpage/gaoptout?hl=de

    You can deactivate the use of your personal data by Google using the following link:

    https://adssettings.google.de

    For more information on opt-out and removal options vis-à-vis Google, please visit:

    https://policies.google.com/privacy?gl=DE&hl=de

     

    Use of Google Ads

    Scope of the processing of personal data
    We use Google AdWords of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). We use this service to place advertisements. Google sets a cookie on your computer. As a result, personal data can be stored and evaluated, in particular the activity of the user (in particular which pages have been visited and on which elements have been clicked), device and browser information (in particular the IP address and the operating system), data about the advertisements displayed (in particular which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular pseudonymized user IDs).

    Further information on the processing of data by Google can be found here:

    https://policies.google.com/privacy?gl=DE&hl=de

     

    Purpose of data processing
    We only gain knowledge of the total number of users who have responded to our ad. No information is shared that would allow us to identify you. The use does not serve the purpose of tracking.

     

    Legal basis for the processing of personal data
    The legal basis for the processing of users’ personal data is basically the user’s consent in accordance with Art. 6 para. 1 p.1 lit. a DSGVO.

     

    Duration of storage
    Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

     

    Right of revocation and removal
    You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

    You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

    You can deactivate the use of your personal data by Google using the following link:

    https://adssettings.google.de

    For more information on objection and removal options vis-à-vis Google, please visit:

    https://policies.google.com/privacy?gl=DE&hl=de

     

    Use of Google Maps

    Scope of the processing of personal data
    We use the online map service Google Maps of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). We use the Google Maps plugin to visually display geographical data and embed it on our online presence. By using Google Maps on our online presence, information about the use of our online presence, your IP address and addresses entered in the route planning function are transmitted to a Google server and stored there.

    For more information on the processing of data by Google, please click here:

    https://policies.google.com/privacy?gl=DE&hl=de

     

    Purpose of data processing
    The use of the Google Maps plug-in serves to improve user-friendliness and an appealing presentation of our online presence.

     

    Legal basis for the processing of personal data
    The legal basis for the processing of users’ personal data is basically the user’s consent in accordance with Art. 6 para. 1 p.1 lit. a DSGVO.

     

    Duration of storage
    Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law.

     

    Possibility of revocation and removal
    You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

    You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

    You can use the following link to disable Google’s use of your personal data:

    https://adssettings.google.de

     

    For more information on objection and removal options vis-à-vis Google, please visit:

    https://policies.google.com/privacy?gl=DE&hl=de

     

    Use of Google Web Fonts

    Scope of the processing of personal data
    We use Google web fonts of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). In the process, the web fonts are transferred to the browser’s cache when the page is called up in order to be able to use them for the visually improved display of various information. If the browser does not support Google web fonts or prevents access, the text is displayed in a standard font. No cookies are stored on the visitor’s computer when the page is accessed. Data transmitted in connection with the page call are sent to resource-specific domains such as https://fonts.googleapis.com or https://fonts.gstatic.com. Personal data can be stored and evaluated, especially the activity of the user (in particular, which pages have been visited and which elements have been clicked on) and device and browser information (in particular, the IP address and the operating system).

    The data is not associated with data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail.

    Further information on the processing of data by Google can be found here:

    https://policies.google.com/privacy?gl=DE&hl=de

     

    Purpose of data processing
    The use of Google web fonts serves an appealing presentation of our texts. If your browser does not support this function, a standard font is used by your computer for display.

     

    Legal basis for the processing of personal data
    This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. When you call up a page, your browser loads the required web fonts into the browser cache in order to display texts and fonts correctly.

    The use of Google WebFonts is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in the uniform display of the typeface on its website. If your browser does not support Web Fonts, a standard font will be used by your computer. Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy:

    https://policies.google.com/privacy?hl=de

    Duration of storage
    Your personal information will be retained for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, such as for tax and accounting purposes.

    Opt-out and opt-out options
    You can prevent the collection as well as the processing of your personal data by Google by preventing third-party cookies from being stored on your computer, by using the “Do Not Track” function of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

    You can deactivate the use of your personal data by Google using the following link:

    https://adssettings.google.de

    For more information on objection and removal options vis-à-vis Google, please visit:

    https://policies.google.com/privacy?gl=DE&hl=de

    Use of Contact Form 7

    Scope of the processing of personal data
    We use the WordPress plugin Contact Form 7 of RockLobster LLC, Sakai 810-0001 Fukuoka Prefecture Chuo-ku Tenjin 1-chome 8-1, Fukuoka City Hall, Japan (hereinafter: RockLobster) to manage contact forms on our online presence. Entered form data is transmitted via email. Personal data may be stored and analyzed, in particular the activity of the user (especially which pages have been visited and which elements have been clicked on) and device and browser information (especially the IP address and the operating system). In the process, data may be transmitted to RockLobster servers in Japan. Regarding Japan, there is an adequacy decision of the European Union. You can find it here:

    https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=OJ:L:2019:076:TOC

    For more information on the processing of data by Contact Form 7, please click here:

    https://contactform7.com/privacy-policy/

     

    Purpose of the data processing
    The use of the Contact Form 7 plug-in serves to improve the user-friendliness of our online presence. We use this plug-in to easily create contact forms, integrate them and present them in an appealing way.

     

    Legal basis for the processing of personal data
    The legal basis for the processing of users’ personal data is basically the user’s consent according to Art. 6 para. 1 p.1 lit. a DSGVO. This is requested when the contact form is sent and thus before the personal user data is collected.

     

    Duration of storage
    The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is terminated when the circumstances indicate that the matter in question has been conclusively clarified.

     

    Possibility of revocation and removal
    The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. The revocation is form-free and should preferably be directed to:

    datenschutz@concedus.com

    All personal data stored in the course of contacting us will be deleted in this case.

    For more information on objection and removal options vis-à-vis Contact Form 7, please visit:

    https://contactform7.com/privacy-policy/

     

    Use of Google ReCaptcha

    Scope of the processing of personal data
    We use Google ReCaptcha of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland. This tool is intended to check whether a data entry is compliant and not made by a bot. For this purpose, Google ReCaptcha analyzes and authenticates the behavior of an online presence visitor with regard to various characteristics. As a result, personal data can be stored and evaluated, especially the user’s activity (in particular mouse movements and which elements have been clicked on) and device and browser information (in particular time, the IP address and the operating system).

    The data is not associated with data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail.

    Further information on the processing of data by Google can be found here:

    https://policies.google.com/privacy?gl=DE&hl=de

    Purpose of data processing
    The use of Google ReCaptcha serves to protect our online presence from misuse.

     

    Legal basis for the processing of personal data
    The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 Para. 1 S.1 lit. a DSGVO.

     

    Duration of storage
    Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

     

    Right of revocation and removal
    You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

    You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

    You can deactivate the use of your personal data by Google using the following link:

    https://adssettings.google.de

    For more information on objection and removal options vis-à-vis Google, please visit:

    https://policies.google.com/privacy?gl=DE&hl=de

     

    Use of Google My Business

    Scope of the processing of personal data
    We use the Google My Business marketing platform of Google LLC, Gordon House, Barrow Street, 4, Dublin, Ireland (hereinafter referred to as Google).

    We use Google My Business for customer acquisition with optimized company profiles including the possibility of statistical evaluation and contact with users.

     

    Cookies are stored by Google on your terminal device.

    In particular, the following personal data is processed by Google My Business:

    – Contact data / company data

    – address data

    – e-mail addresses

    – telephone number

    – Opening hours data

    – Location data

    – Credit card data

    – reviews

    – IP address

    In the process, data may be transmitted to Google servers in the USA. For more information on the processing of data by Google My Business, please click here:

    https://policies.google.com/privacy

    Purpose of data processing
    The use of Google My Business serves us to develop statistical methods and to improve user behavior.

    Legal basis for the processing of personal data
    The legal basis for data processing is Art. 6 para.1 p.1 lit. a DSGVO. Our legitimate interest here lies in the purposes of data processing mentioned under 2.

    Duration of storage
    Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

    Right of revocation and removal
    You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

     

    Use of HubSpot

    Scope of the processing of personal data
    We use functions of the CMS Hubspot of HubSpot Inc, 2nd Floor, 25 First Street, Cambridge, MA 02141, USA (hereinafter referred to as: HubSpot). This is an integrated software solution that we use to cover various aspects of our online marketing. These include: Email marketing (newsletters as well as automated mailings, e.g. for the provision of downloads), social media publishing & reporting, reporting (in particular traffic sources, accesses, etc. …), contact management (in particular user segmentation & CRM), landing pages and contact forms. HubSpot sets cookies on your computer. As a result, personal data can be stored and evaluated, in particular the activity of the user (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and operating system), data about the advertisements displayed (in particular which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular pseudonymized user IDs).

    By using Hubspot, personal data of you will be sent to the USA or other third countries outside the EU. To ensure appropriate safeguards to protect the transfer and processing of personal data outside the EU, the transfer of data to and processing of data by Hubspot is based on appropriate safeguards pursuant to Art. 46 et seq. DSGVO, in particular by concluding so-called standard data protection clauses pursuant to Art. 46 para. 2 lit. c DSGVO.

    Other recipients of the data processed by Hubspot are in particular:

    Amazon Web Services, Inc.
    Google, Inc.
    Cloudflare, Inc.
    Twilio, Inc.
    Message Systems, Inc.
    SendGrid, Inc.
    Snowflake, Inc.*
    HubSpot, Inc.
    HubSpot Ireland, Ltd.
    HubSpot Germany GmbH
    HubSpot Australia Pty. Ltd.
    HubSpot Asia Pte. Ltd.
    HubSpot Japan KK
    HubSpot Latin America, S.A.S.
    HubSpot Sweden

    For more information on how HubSpot processes your data, please click here:

    https://legal.hubspot.com/de/privacy-policy

    Purpose of data processing
    The use of the HubSpot plug-in serves us to optimize our website and marketing activities.

    Legal basis for the processing of personal data
    The legal basis for the processing of users’ personal data is generally the user’s consent pursuant to Art. 6 (1) p.1 lit. a DSGVO.

    Duration of storage
    Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

    Right of revocation, objection and removal.
    You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

    You can prevent the collection as well as the processing of your personal data by HubSpot by preventing third-party cookies from being stored on your computer, by using the “Do Not Track” function of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

    For more information on objection and removal options vis-à-vis HubSpot, please visit: https://legal.hubspot.com/de/privacy-policy.

     

    This privacy policy was created with the support of Audit GmbH Karlsruhe Stuttgart Wirtschaftsprüfungsgesellschaft.