Data Protection Policy Matthias Baldauf 28. October 2022

Data Protection

Privacy policy | cxomni GmbH

Status 07.08.2024

Who we are

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data
protection regulations is

cxomni GmbH
Konrad-Zuse-Platz 8
81829 Munich
Germany
+49-89-207042-986
info@cxomni.net
https://wp2-dev.cxomni.net/

Contacting the data protection officer

The data protection officer of the controller is
DataCo GmbH
Nymphenburger Str. 86
80636 Munich
Germany
+49 89 7400 45840
www.dataguard.de

On this page we inform you about the processing of your personal data on the website.

How we collect and use your personal data depends on how you interact with us or which services you use.
We will only collect, use or share your personal data where we have a legitimate purpose and legal basis
for doing so.

What do we mean by legal basis?

Consent (Art. 6 para. 1 sentence 1 lit. a GDPR)- You have given us your consent to process your personal data
for the specific purpose we have explained to you. You have the right to withdraw your consent at any time.
For more information on how you can withdraw your consent, please refer to the subsections “Exercising your
rights” in the following sections of this Privacy Policy.

Contract (Art. 6 para. 1 sentence 1 lit. b GDPR) – We need to use your data to fulfill a contract you have
with us. Alternatively, it is necessary to use your data because we have asked you to do so or you have
taken certain steps yourself before entering into this contract.

Legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) – We must use your data to comply with the law.

Vital interests (Art. 6 para. 1 sentence 1 lit. d GDPR) – The processing of your data is necessary to protect
your vital interests or those of another person. For example, to protect you from serious physical harm.

Public task (Art. 6 para. 1 sentence 1 lit. e GDPR) – The processing of your data is necessary for the
performance of a task carried out in the public interest or because it is required by a public authority.
is covered by a legally defined task, e.g. for a statutory function.

Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) – The processing of your data is necessary to
support a legitimate interest that we or another party have, only if your own interests do not prevail.

Please note that if your data is processed to fulfill a contract or legal obligation and you do not provide the
requested data, we may not be able to provide you with our website services.

Data sharing and international transfer

As explained in this Privacy Policy, we use various service providers to help us provide our services and
keep your data secure. When we use these service providers, it is necessary for us to share your personal
data with them.

We have concluded agreements with all service providers to whom we pass on your data, obliging them to
protect your data.

If your personal data is transferred outside the EU, we will ensure that your personal data receives an
equivalent level of protection, either because the country to which your data is transferred has an
“adequate” standard of data protection according to the European Commission, or by using another
safeguard, such as an enhanced contractual arrangement, i.e. the Standard Contractual Clauses (SCCs)
adopted by the European Commission.

For example, when we use US service providers, we rely on either the SCC or the EU-US Data Privacy
Framework, depending on the provider. You can request a copy of the SCCs we have in place with our service
providers by sending an email to the email address provided in this Privacy Policy.

Your rights
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have

the following rights vis-à-vis the controller:

1. The right to information (Art. 15 GDPR)

You have the right to obtain from us confirmation as to whether or not personal data concerning you are
being processed, and, where that is the case, access to the personal data and the following information:

  • Processing purposes
  • Categories of personal data
  • Recipients or categories of recipients
  • Planned storage duration or the criteria for determining this duration
  • the existence of the rights to rectification, erasure, restriction or objection Right to lodge a complaint with the competent supervisory authority
  • If applicable, origin of the data (if collected from a third party)
  • If applicable, the existence of automated decision-making including profiling with meaningful information about the logic involved, the scope and the expected effects
  • Possible transfer of personal data to a third country or international organization

2. Right to rectification (Art. 16 GDPR)


If your personal data is incorrect or incomplete, you have the right to request immediate correction or
completion of the personal data.

3. Right to restriction of processing (Art. 18 GDPR)


If one of the following conditions is met, you have the right to request that the processing of your personal
data be restricted:

  • You contest the accuracy of your personal data for a period enabling us to verify the accuracy of the personal data.
  • In the event of unlawful processing, you object to the erasure of the personal data and instead request the restriction of the use of the personal data.
  • We no longer need your personal data for the purposes of processing, but you need your personal data to assert, exercise or defend your legal claims, or
  • after you have lodged an objection to the processing, for the duration of the examination as to whether our legitimate reasons outweigh your reasons.

4. Right to erasure (“right to be forgotten”) (Art. 17 GDPR)

If one of the following reasons applies, you have the right to demand the immediate deletion of your personal
data:

  • Your data are no longer necessary for the processing purposes for which they were originally collected.
  • you withdraw your consent and there is no other legal basis for the processing.
  • You object to the processing and there are no overriding legitimate grounds for the processing or you object pursuant to Art. 21 (2) GDPR.
  • Your personal data is being processed unlawfully.
  • The deletion is necessary to fulfill a legal obligation under Union law or the law of the Member State to which we are subject.
  • The personal data was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.

Please note that the above reasons do not apply if the processing is necessary:

  • To exercise the right to freedom of expression and information;
  • For compliance with a legal obligation or for the performance of a task carried out in the public interest to which we are subject.
  • For reasons of public interest in the area of public health.
  • For archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes.
  • For the assertion, exercise or defense of legal claims.

5. Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used and machine-readable
format or to request that it be transmitted to another controller.

6. Right to object to certain data processing (Art. 21 GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to processing of
personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR. This also applies to
profiling based on these provisions.

If the personal data concerning you are processed for direct marketing purposes, you have the right to
object at any time to the processing of personal d a t a concerning you for such marketing, which includes
profiling to the extent that it is related to such direct marketing.
is connected with direct advertising.

7. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint
with a supervisory authority if you consider that the processing of personal data relating to you infringes
the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant of the
status and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78
GDPR.

A list of the competent supervisory authorities in Germany can be found on the website of the
Federal Commissioner for Data Protection at the following link:
https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

Provision of the website and creation of log files

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer
system of the accessing computer.

The following data is collected:

  • Information about the browser type and version used The user’s operating system
  • The user’s internet service provider Date and time of access
  • Websites from which the user’s system accesses our website
  • Websites that are accessed by the user’s system via our website This data is stored in the log files of our system.

This data is not stored together with other personal data of the user.

2. Purpose of data processing

Temporary storage of the IP address by the system is necessary to enable delivery of the website to the
user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

Data is stored in log files to ensure the functionality of the website. In addition, we use the data to optimize
the website and to ensure the security of our information technology systems. The data is not analyzed for
marketing purposes in this context.

3. Legal basis for data processing


The legal basis for the temporary storage of data and log files is Art. 6 para. 1 sentence 1 lit. f GDPR.

4. Duration of storage

The data is deleted as soon as it is no longer r e q u i r e d to achieve the purpose for which it was
collected. In the case of the collection of data for the provision of the website, this is the case when the
respective session has ended.

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this period is
possible. In this case, the IP addresses of the users are deleted or anonymized so that it is no longer possible
to identify the accessing client.

5. Exercising your rights


The collection of data for the provision of the website and the storage of data in log files is absolutely
necessary for the operation of the website. The user can object to this. Whether the objection is successful
must be determined as part of a weighing of interests.

Use of cookies

1. Description and scope of data processing


When you visit our website, we use technical aids for various functions, in particular cookies, which can be
stored on your end device. When you access our website and at any time thereafter, you have the choice
of whether you generally allow cookies to be set or which individual additional functions you would like to
select. You can make changes in your browser settings or via our Consent Manager.

Cookies are text files or information in a database that are stored on your hard disk and assigned to the
browser you are using so that certain information can flow to the place that sets the cookie. Below we
describe the type of cookies we use:

We use technically necessary cookies that are required for the technical structure of the website.
Without these cookies, our website cannot be displayed (completely correctly) or the support functions
are not possible.

The following data is stored and transmitted by the technically necessary cookies:

  • Language settings
  • Search terms entered
  • Frequency of page views
  • Use of website functions

We use cookies on our website that are not technically necessary. Cookies that are not technically
necessary are text files that are not only used for the functionality of the website, but also collect other
data.

By setting technically unnecessary cookies, the following data is processed:

  • IP address
  • Location of Internet users
  • Date and time of access to the website
  • Tracking of surfing behavior
  • Linking the website visit with other social media platforms 
  • Form functionalities

2. Purpose of data processing

The purpose of using technically necessary cookies is to ensure the functionality of our website. Some
functions of our website cannot be offered without the use of cookies. For these, it is necessary for the
browser to be recognized even after a page change.

We require the technically necessary cookies for the following applications:

  • Adoption of language settings
  • Remembering search terms
  • Functionality of the website

Cookies that are not technically necessary are used for the purpose of improving the quality of our website, its
content and thus our reach and efficiency. By setting these cookies, we learn how the website is used and can
thus constantly optimize our offer. In particular, these cookies serve the following purposes:

We use cookies in order to better tailor the offer on our website to the interests of our visitors or to generally
improve it on the basis of statistical evaluations.

3. Legal basis for data processing

The provisions of the Telecommunications Digital Services Data Protection Act (TDDDG) apply to the storage
of information in the end user’s terminal equipment and/or access to information already stored in the end
user’s terminal equipment. If the setting and reading of cookies is technically necessary, this is done to
ensure the functionality of our website. In this case, cookies are stored and accessed on your terminal
equipment on the basis of Section 25 (2) No. 2 TDDDG. This storage and access to the information in your
end device serves to make it easier for you to use our website and to be able to offer you our services as you
have requested. Some functions of our website do not work without the use of these cookies and could
therefore not be offered. The cookies are generally deleted at the end of the session (e.g. logging out or
closing the browser) or after a specified period of time. Information on different storage periods for cookies
can be found in the following sections of this privacy policy.

Insofar as cookies are used that are not technically necessary, this is done on the basis of your express
consent, which you can give via the cookie banner. In this case, the basis for storing and accessing
information is Section 25 (1) TDDDG in conjunction with Art. 6 para. 1 lit. a), Art. 7 GDPR. You can revoke
your consent at any time with effect for the future or subsequently grant it again by configuring your cookie
settings accordingly. Alternatively, you can prevent the storage of cookies by making the appropriate
settings in your browser software. Please note that the browser settings you make only apply to the browser
you are using. If personal data is processed following the storage of and access to the information on your
end device, the provisions of the GDPR apply. You can find information on this in the following sections of
this privacy policy.

4. Exercising your rights


You can revoke your consent to the use of cookies at any time and manage your consent preferences
under the following link: https://wp2-dev.cxomni.net/ Button: “Cookie settings”

Newsletter

1. Description and scope of data processing


You can subscribe to a free newsletter on our website. When you subscribe to the newsletter, the data from
the input screen is transmitted to us.

In order to provide this service, we collect the following data from you: 

  • Email
  • address
  • Surname
  • First name
  • IP address of the accessing computer
  • Date and time of registration

Your consent is obtained for the processing of the data as part of the registration process and reference is
made to this privacy policy.

No data is passed on to third parties in connection with the data processing for sending newsletters. The data
is used exclusively for sending the newsletter.

2. Purpose of data processing


The purpose of collecting the user’s email address is to deliver the newsletter.

The collection of other personal data as part of the registration process serves to prevent misuse of the
services or the email address used.

3. Legal basis for data processing


The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1
sentence 1 lit. a GDPR if the user has given consent.

4. Duration of storage

The data is deleted as soon as it is no longer required for the purpose for which it was collected. The user’s
email address is therefore stored for as long as the subscription to the newsletter is active.

The other personal data collected during the registration process is generally deleted after a period of seven
days.

5. Exercising your rights


The subscription to the newsletter can be canceled by the user concerned at any time. For this purpose,
there is a corresponding link in every newsletter.

This also makes it possible to withdraw consent to the storage of personal data collected during the
registration process.

Email contact


1. Description and scope of data processing


It is possible to contact us via the email address provided on our website. In this case, the user’s personal

data transmitted with the email will be stored.

The data is used exclusively for processing the conversation.


2. Purpose of data processing

In the case of contact by email, this also constitutes the necessary legitimate interest in the processing of the
data.

3. Legal basis for data processing


The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f
GDPR. Our legitimate interest is to answer your request, which you send by e-mail, in the best possible way.

If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is
Art. 6 para. 1 lit. b GDPR.

4. Duration of storage


The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For
personal data sent by email, this is the case when the respective conversation with the user has ended. The
conversation is ended when it can be inferred from the circumstances that the matter in question has been
conclusively clarified.

The additional personal data collected during the sending process will be deleted after a period of seven
days at the latest.

5. Exercising your rights


If the user contacts us by email, they can object to the storage of their personal data at any time. In such a
case, the conversation cannot be continued.

The provision of your personal data is voluntary. However, we can only process your request if you provide
us with your name, e-mail address and the reason for the request. You can revoke your consent to data
processing at any time and object to storage. In this case, please send your objection as an informal e-mail
to datenschutz@cxomni.net. Statutory retention obligations will be taken into account.

All personal data stored in the course of contacting us will be stored in this
Case deleted.

Contact form

1. Description and scope of data processing

There is a contact form on our website that can be used to contact us electronically. If a user makes use of
this option, the data entered in the input mask will be transmitted to us and stored.

The following data is stored at the time the message is sent: 

  • Email address
  • Surname
  • First name
  • Phone / mobile number
  • Company, message
  • IP address of the accessing computer
  • Date and time

2. Purpose of data processing

The processing of personal data from the input mask of the contact form or via the e-mail address provided
serves us solely to process the contact.

The other personal data processed during the sending process is used to prevent misuse of the contact
form and to ensure the security of our information technology systems.

3. Legal basis for data processing


The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1
sentence 1 lit. f GDPR. Our legitimate interest is to respond to your inquiry that you send to us via the
contact form in the best possible way. If the email contact is aimed at concluding a contract, the additional
legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b GDPR.

4. Duration of storage


The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For
the personal data from the input screen of the contact form and those sent by email, this is the case when
the respective conversation with the user has ended. The conversation is ended when it can be inferred
from the circumstances that the matter in question has been conclusively clarified.

The additional personal data collected during the sending process will be deleted after a period of seven
days at the latest.

5. Exercising your rights


If the user contacts us via the input mask in the contact form, they can object to the storage of their personal
data at any time in the following manner:

The provision of your personal data is voluntary. However, we can only process your request if you provide
us with your name, e-mail address and the reason for the request. You can revoke your consent to data
processing at any time and object to storage. In this case, please send your objection as an informal e-mail
to datenschutz@cxomni.net. Legal storage obligations will be taken into account.

All personal data stored in the course of contacting us will be deleted in this case.

Application by email and application form

There is an application form on our website that can be used for electronic applications. If an applicant makes
use of this option, the data entered in the input mask will be transmitted to us and stored. These data are

  • Salutation
  • Surname
  • First name
  • Email address
  • Curriculum
  • vitae
  • Field of interest, career level, desired location

Alternatively, you can also send us your application by email. In this case, we will record your email
address and the data you provide in the email.

After sending your application, you will receive confirmation of receipt of your application documents by email
from us.

We also offer an applicant/talent pool.

Your data will not be passed on to third parties. The data will be used exclusively for processing your
application.

2. Purpose of data processing


The processing of personal data from the application form is solely for the purpose of processing your
application. If you contact us by email, this also constitutes the necessary legitimate interest in processing
the data.

The other personal data processed during the sending process is used to prevent misuse of the application
form and to ensure the security of our information technology systems.

3. Legal basis for data processing


The legal basis for the processing of your data is the initiation of a contract at the request of the data subject,
Art. 6 para. 1 sentence 1 lit. b Alt. 1 GDPR and § 26 para. 1 sentence 1 BDSG.

The legal basis for the processing of data as part of the applicant pool is the applicant’s express declaration of
consent, Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR. You can revoke your consent at any time with effect for
the future.

4. Duration of storage


After completion of the application process, the data will be stored for up to 6 months. Your data will be
deleted after 6 months at the latest. In the event of a legal obligation, the data will be stored in accordance
with the applicable provisions.

The additional personal data collected during the sending process will be deleted after a period of seven
days at the latest.

Company appearances

Twitter:

Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland

We provide information on our company page and offer Twitter users the opportunity to communicate.

If you carry out an action on our corporate Twitter presence (e.g. comments, posts, likes, etc.), you may
make personal data (e.g. real name or photo of your user profile) public.

However, since we generally or to a large extent have no influence on the processing of your personal data by
Twitter, we cannot make any binding statements about the purpose and scope of the data processing.
processing of your data.

We use our corporate presence in social networks to communicate and exchange information with
(potential) customers. In particular, we use the company presence for:

We use Linkedin to draw attention to our company and our products & services and to get in touch and
interact with other users. We also offer workshops and webinars.

The publications on the company’s website may contain the following content:

  • Information
  • about products
  • Information about services
  • Advertising
  • Customer contact
  • Contact with potential interested parties

Every user is free to publish personal data through activities.

Insofar as we process your personal data in order to evaluate your online behavior, offer you competitions
or carry out lead campaigns, this is done on the basis of your express declaration of consent, Art. 6 para. 1
sentence 1 lit. a, Art. 7 GDPR.

The legal basis for the processing of personal data for the purpose of communicating with customers and
interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest here is to respond to your
inquiry in the best possible way and to be able to provide the requested information.

If the contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6
para. 1 lit. b GDPR.

We store your activities and personal data published via our corporate Twitter presence until you withdraw
your consent. In addition, we comply with the statutory retention periods.
We process data from our company website in our systems. This data is stored there for the following
period: Personal data is not transferred to our system. Only the form ID, name of the form and the time
stamp are stored for statistical purposes.

For the processing of your personal data in third countries, we have provided suitable guarantees in the form
of standard data protection clauses in accordance with Art. 46 para. 2 lit. c GDPR. A copy of the standard data
protection clauses can be requested from us.

You can object to the processing of your personal data that we collect in the context of your use of our
corporate presence at any time and assert your rights as a data subject as set out in the “Your rights”
section of this privacy policy. To do so, please send us an informal email to datenschutz@cxomni.net. You
can find more information on the processing of your personal data by Twitter and the corresponding
objection options here:

Twitter: https://twitter.com/de/privacy

Use of company presences in professional networks

1. Scope of data processing


The company website is used for applications, information/PR and active sourcing. We have no information
on the processing of your personal data by the companies jointly responsible for the company website.
Further information can be found in the privacy policy of:

  • LinkedIn
  • XING

On our website we provide information and offer users the opportunity to Communication.

The company website is used for applications, information/PR and active sourcing.

We have no information on the processing of your personal data by the companies jointly responsible for
the company’s website. Further information can be found in the privacy policy of:

LinkedIn:

https://www.linkedin.com/legal/privacy-policy

XING:

https://privacy.xing.com/de

If you carry out an action on our company website (e.g. comments, posts, likes, etc.), you may make
personal data (e.g. real name or photo of your user profile) public.

2. Legal basis for data processing

The legal basis for the processing of personal data for the purpose of communicating with customers and
interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest is to respond to your
inquiry in the best possible way and to be able to provide the requested information.

If the contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6
para. 1 lit. b GDPR.

3. Purpose of data processing

Our company website serves to inform users about our services. Every user is free to publish personal data
through activities.

4. Duration of storage

We store your activities and personal data published via our company website until you withdraw your
consent. In addition, we comply with the statutory retention periods.

5. Exercising your rights

You can object to the processing of your personal data that we collect in the context of your use of our
corporate presence at any time and assert your rights as a data subject as set out in the “Your rights” section
of this privacy policy. To do so, please send us an informal email to the email address stated in this privacy
policy.

Further information on exercising your rights can be found here:

LinkedIn:
https://www.linkedin.com/legal/privacy-policy

XING:
https://privacy.xing.com/en

Hosting

The website is hosted on servers of a service provider commissioned by us. Our service
provider is:
Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany
Further information on the processing of personal data by Hetzner can be found at:
https://www.hetzner.com/legal/privacy-policy
The servers automatically collect and store information in so-called server log files, which your
automatically transmitted by your browser when you visit the website. The information stored is

  • Information about the browser type and version used
  • The user’s operating system
  • The user’s internet service provider Date
  • and time of access
  • Websites from which the user’s system accesses our website
  • Websites that are accessed by the user’s system via our website

This data is not merged with other data sources. This data is collected on the basis of Art. 6 para. 1 lit. f
GDPR. Our legitimate interest in processing this data is to display our website without errors and to
optimize its functions.
The website server is geographically located in Germany.

Content delivery networks

Google Cloud CDN

1. Description and scope of data processing

On our website, we use functions of the content delivery network Google Cloud CDN of Google Ireland
Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as: Google Cloud CDN). A
Content Delivery Network (CDN) is a network of regionally distributed servers connected via the Internet,
which is used to deliver content – in particular large media files such as videos. Google Cloud CDN offers
web optimization and security services that we use to improve the loading times of our website and to
protect it from misuse. When you visit our website, a connection is established to the Google Cloud CDN
servers, e.g. to retrieve content. This allows personal data to be stored and analyzed in server log files, in
particular the user’s activity (in particular which pages have been visited) and device and browser
information (in particular the IP address and operating system). Further information on the collection and
storage of data by Google Cloud CDN can be found here:
https://policies.google.com/privacy?hl=de

2. Purpose of data processing

The use of Google Cloud CDN functions serves to deliver and accelerate online applications and content.

3. Legal basis for data processing

This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest
in the technically error-free presentation and optimization of its website – the server log files must be
recorded for this purpose.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law.

5. Exercising your rights

Information on exercising your rights against Google Cloud CDN can be found at:
https://policies.google.com/privacy?hl=dede/privacypolicy/

 

Integrated third-party services

We use various service providers to provide the services we offer on the website.

In general, we have a legitimate interest in sharing your data with the relevant service providers if these
services are essential for the provision of the basic service offered on the website in order to provide the
relevant website service.

If such services are required for additional services, extended functions or additional purposes, your
personal data will only be passed on to service providers if you give your consent.

Here you can revoke your consent to the use of integrated third-party services at any time and manage your
consent settings: https://wp2-dev.cxomni.net/ Button: “Cookie settings”

 

Use of Bootstrap

1. Scope of the processing of personal data

We use the open source framework Bootstrap. This is implemented via the content delivery network
loaded from bootstrapcdn.com. The provider of this service is MaxCDN DBA StackPath, 2021 McKinney Ave,
Suite 1100, Dallas, TX 75201, USA (hereinafter referred to as: StackPath). By using BootstrapCDN, cookies
are set on your computer and the usage data is stored. This allows personal data to be stored and analyzed,
in particular the user’s activity (in particular which pages have been visited and which elements have been
clicked on) as well as device and browser information (in particular the IP address and operating system).
Further information on the processing of data by StackPath can be found here:
https://www.bootstrapcdn.com/privacy-policy/

2. Purpose of data processing

Bootstrap is used to improve our online presence and its user-friendliness.

3. Legal basis for the processing of personal data

The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the
purposes of data processing mentioned under 2.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Exercising your rights

You can prevent the collection and processing of your personal data by StackPath by preventing the storage
of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can find further information on objection and removal options vis-à-vis StackPath at:
https://www.bootstrapcdn.com/privacy-policy/

Use of Contact Form 7

1. Scope of the processing of personal data

We use the WordPress plugin Contact Form 7 from RockLobster LLC, Sakai 810-0001 Fukuoka Prefecture
Chuo-ku Tenjin 1-chome 8-1, Fukuoka City Hall, Japan (hereinafter: RockLobster) to manage contact forms
on our online presence. Entered form data is transmitted by email. This allows personal data to be stored
and analyzed, in particular the user’s activity (in particular which pages have been visited and which
elements h a v e been clicked on) and device and browser information (in particular the IP address and
operating system). Data may be transmitted to RockLobster servers in Japan. With regard to Japan, there is
an adequacy decision of the European Union.
You can find it here:
https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=OJ:L:2019:076:TOC
Further information on the processing of data by Contact Form 7 can be found here:
https://contactform7.com/privacy-policy/

2. Purpose of data processing

The use of the Contact Form 7 plugin serves to improve the user-friendliness of our online presence. We
use this plug-in to easily create, integrate and present contact forms in an appealing way.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by Contact Form 7 by preventing the
storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

Further information on objection and removal options vis-à-vis Contact Form 7 can be found at
https://contactform7.com/privacy-policy/

Use of Google AdWords

1. Scope of the processing of personal data

We use Google AdWords from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and
the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland
(hereinafter referred to as: Google). We use this service to place advertisements. Google places a cookie on
your computer. This allows personal data to be stored and evaluated, in particular the user’s activity (in
particular which pages have been visited and which elements have been clicked on), device and browser
information (in particular the IP address and operating system), data about the advertisements displayed
(in particular which advertisements have been displayed and whether the user has clicked on them) and
also data from advertising partners (in particular pseudonymized user IDs).
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

We only receive information about the total number of users who have responded to our ad. No information
is passed on with which we could identify you. The use is not for tracking purposes.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent shall affect the lawfulness of processing based on consent before its withdrawal.
processing is not affected.

You can prevent the collection and processing of your personal data by Google by preventing the storage of
third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

You can use the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de

Further information on objection and removal options vis-à-vis Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of Google Ads Remarketing

1. Scope of the processing of personal data

We use Google Ads Remarketing from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043,
USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5,
Dublin, Ireland (hereinafter referred to as: Google). Google Remarketing is used to retarget visitors to the
online presence for advertising purposes via Google Ads ads. Google Ads Remarketing can be used to create
target groups (“similar target groups”) that have, for example, accessed certain pages. This makes it
possible to identify the user on other online presences and display targeted advertising. Google places a
cookie on the user’s computer. This allows personal data to be stored and evaluated, in particular the user’s
activity (in particular which pages have been visited and which elements have been clicked on), device and
browser information (in particular the IP address and operating system), data about the advertisements
displayed (in particular which advertisements have been displayed and whether the user has clicked on
them) and also data from advertising partners (in particular pseudonymized user IDs).
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

The purpose of processing personal data is to address a specific target group. The cookies stored on the
user’s end device recognize them when they visit an online presence and can therefore show them
interest-based advertising.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by Google by preventing the storage of
third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of
the online presence (including your IP address) and from processing this data by Google by downloading
and installing the browser plug-in available under the following link:
https://tools.google.com/dlpage/gaoptout?hl=de

You can use the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de

Further information on objection and removal options vis-à-vis Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of Google Analytics 4 (GA 4)

1. Scope of the processing of personal data

We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow
Street, Dublin 4, Ireland (hereinafter referred to as Google).
Google Analytics analyzes, among other things, how the website visitor uses our site. Google places cookies
on your end device. During the visit, user behavior is recorded in the form of “events”. This allows personal
data to be stored and analyzed, including

  • First visit to the website
  • Interaction with the website, usage path
  • Clicks on external links
  • Video usage
  • File downloads
  • Advertising impressions and clicks
  • Scroll behavior (if to end of page)
  • Searches on the website
  • Language selection 
  • Page visits
  • Location (region)
  • Your IP address (in abbreviated form)
  • technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
  • Your internet provider 
  • Referrer URL

We use Google Signals. This allows Google Analytics to collect additional information about users who have
activated personalized ads (interests and demographic data) and ads can be delivered to these users in
cross-device remarketing campaigns.
IP address anonymization is activated by default in GA 4. This means that your IP address will be truncated
by Google within the member states of the European Union or other parties to the Agreement on the
European Economic Area. As an exception, only in rare cases will the full IP address be transmitted to a
Google server in the USA and shortened there. Google states that the IP address transmitted by your
browser will not be merged with other Google data in the context of Google Analytics.
Further information on the processing of data by Google can be found here: https://policies.google.com/privacy

2. Purpose of data processing

We use GA 4 to evaluate the use of our online presence and to generate reports on the activities on our
website. The reports are used to analyze the performance of our website and to target advertising to
people who have already shown an initial interest by visiting our website.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a) GDPR.

4. Duration of storage

Your personal data will be deleted after 2 months. This deletion takes place
automatically once a month.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can withdraw your consent via our Cookie Consent Tool.

You can prevent the collection and processing of your personal data by Google by preventing the storage of
third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser.

Further information on objection and removal options vis-à-vis Google can be found at:
https://policies.google.com/technologies/partner-sites

You can also prevent Google from collecting the data generated by the cookie and relating to your use of
the online presence (including your IP address) and from processing this data by Google by downloading
and installing the browser plug-in available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de

You can deactivate the use of your personal data by Google using the following link:
https://adssettings.google.de

Use of Google ReCaptcha

1. Scope of the processing of personal data

We use Google ReCaptcha from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA
94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5,
Dublin, Ireland. This tool is designed to check whether a data entry is compliant and has not been made by a
bot, and Google ReCaptcha analyzes and authenticates the behavior of an online presence visitor with regard
to various characteristics. This allows personal data to be stored and evaluated, in particular the user’s
activity (especially mouse movements and which elements have been clicked on) and device and browser
information (especially time, IP address and operating system).
The data is not associated with data that may be collected or used in connection with the parallel use of
authenticated Google services such as Gmail.
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

The use of Google ReCaptcha serves to protect our online presence from misuse.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by Google by preventing the storage of
third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can use the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
Further information on objection and removal options vis-à-vis Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de”

Use of Google Web Fonts

1. Scope of the processing of personal data

We use Google Web Fonts from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin,
Ireland (hereinafter referred to as: Google). The web fonts are transferred to the cache of the browser when
the page is called up in order t o be able to use them for the visually improved display of various
information. If the browser does not support Google web fonts or prevents access, the text is displayed in a
standard font. No cookies are stored on the visitor’s computer when the page is accessed. Data that is
transmitted in connection with the page view is sent to resource-specific domains such as
https://fonts.googleapis.com or https://fonts.gstatic.com. This allows personal data to be stored and
analyzed, in particular the user’s activity, in particular which pages have been visited and which elements
have been clicked on, and device and browser information, in particular the IP address and operating
system.
The data is not associated with data that may be collected or used in connection with the parallel use of
authenticated Google services such as Gmail.
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

The use of Google Web Fonts serves the purpose of an appealing presentation of our texts. If your browser
does not support this function, a standard font will be used by your computer for display.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Exercising your rights

You can prevent the collection and processing of your personal data by Google by preventing the storage of
third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can use the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de

Further information on objection and removal options vis-à-vis Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of HubSpot

1. Scope of the processing of personal data

We use functions of HubSpot Inc, 2nd Floor, 25 First Street, Cambridge, MA 02141, USA (hereinafter referred
to as HubSpot). This is an integrated software solution that we use to cover various aspects of our online
marketing. These include, among others: Email marketing (newsletters as well as automated mailings, e.g.
to provide downloads), social media publishing & reporting, reporting (in particular traffic sources, accesses,
etc. …), contact management (in particular user segmentation & CRM), landing pages and contact forms.
HubSpot places a cookie on your computer. This allows personal data to be stored and analyzed, in
particular the user’s activity (in particular which pages have been visited and which elements have been
accessed).
has been clicked), device and browser information (in particular the IP address and the operating system),
data about the advertisements displayed (in particular which advertisements were displayed and whether
the user clicked on them) and also data from advertising partners (in particular pseudonymized user IDs).
Further information on the processing of data by HubSpot can be found here:
https://legal.hubspot.com/de/privacy-policy

2. Purpose of data processing

The use of the HubSpot plug-in serves exclusively to optimize our marketing.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by HubSpot by preventing the storage
of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Further information on objection and removal options vis-à-vis HubSpot can be found at:
https://legal.hubspot.com/de/privacy-policy

Use of LinkedIn

 

1. Scope of the processing of personal data

We use functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company Wilton Place,
Dublin 2, Ireland (hereinafter referred to as LinkedIn). Each time one of our pages containing LinkedIn
functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have
visited our website with your IP address. If you click on the LinkedIn “Recommend” button and are logged
into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user
account. This allows personal data to be stored and analyzed, in particular the user’s activity (in particular
which pages have been visited and which elements have been clicked on) and device and browser
information (in particular the IP address and operating system).
We would like to point out that, as the provider of the pages, we have no knowledge of the content of the
transmitted data or its use by LinkedIn. Further information on the processing of data by LinkedIn can be
found here:
https://www.linkedin.com/legal/privacy-policy

2. Purpose of data processing

The use of the LinkedIn plugin serves to make our online presence more user-friendly.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by LinkedIn by preventing the storage
of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser. Furthermore, you can
prevent the transmission by logging out of your LinkedIn account before accessing our website.
You can use the following links to deactivate the use of your personal data by LinkedIn:
https://www.linkedin.com/psettings/guest-controls
Further information on objection and removal options vis-à-vis LinkedIn can be found at
https://www.linkedin.com/legal/privacy-policy

Use of X

1. Scope of the processing of personal data

We use the social plugins of X Corp, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (hereinafter
referred to as: Twitter).
With the social plugins, we can integrate content from Twitter (in particular tweets or moments) or links to
the Twitter platform (in particular tweet or follow button) on our online presence. This allows personal data
to b e stored and analyzed, in particular the user’s activity (in particular which pages have been visited and
which elements have been clicked on) as well as device and browser information (in particular the IP
address and operating system).
By using Twitter and the “Re-Tweet” function, the online presences you visit are linked to your Twitter account
and disclosed to third parties. We do not receive any information about the content of the transmitted data
and its use by Twitter.
Further information on the processing of data by Twitter can be found here: https://twitter.com/de/privacy

2. Purpose of data processing

The integration of the Twitter plug-in serves to improve user-friendliness. Twitter content can be displayed
embedded and users of the Twitter service can use Twitter functions.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by Twitter by preventing the storage of
third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Further information on objection and removal options vis-à-vis Twitter can be found at:
https://twitter.com/de/privacy

Use of Wordfence Security

1. Scope of the processing of personal data

Our online presence uses functions of Defiant Inc, 800 5th Ave, Suite 4100, Seattle, WA 98104, USA
(hereinafter referred to as: Defiant). Wordfence Security secures our online presence and thus protects
visitors to the online presence from viruses and malware. When you visit a page with a plugin, a direct
connection is established between your computer and the Defiant server. In order to recognize whether the
visitor is a human or a bot, the plug-in sets cookies. This allows further personal data to be stored and
analyzed, in particular the device and browser information (especially the IP address and operating
system).
It is possible to evaluate the behavior from the notifications sent (e.g. how often a page is accessed). IP
addresses are stored on the Wordfence servers to protect against brute force and DDoS attacks or
comment spam. IP addresses classified as harmless are placed on a white list.
Further information on the processing of data by Defiant can be found here:
https://www.wordfence.com/privacy-policy/

2. Purpose of data processing

The online presence uses the plug-in to protect against viruses and malware and to defend against attacks
by computer criminals.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by Wordfence Security by preventing the
storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can find further information on objection and removal options vis-à-vis Wordfence Security at:
https://www.wordfence.com/privacy-policy/

Use of YouTube

1. Scope of the processing of personal data

We use the YouTube plugin operated by Google, YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA
and its representative in the Union Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
(hereinafter referred to as: Google). We use the YouTube plugin to embed videos from YouTube on our
online presence. When you visit our online presence, your browser establishes a connection with the
YouTube servers. This allows personal data to be stored and analyzed, in particular the user’s activity (in
particular which pages have been visited and which elements have been clicked on) as well as device and
browser information (in particular the IP address and operating system).
We have no influence on the content of the plug-in. If you are logged into your YouTube account during
your visit, YouTube can assign your online presence visit to this account. By interacting with this plug-in,
this corresponding information is transmitted directly to YouTube and stored there.
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

The use of the YouTube plug-in serves to improve user-friendliness and an appealing presentation of our
online presence.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by Google by preventing the storage of
third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can use the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
Further information on objection and removal options vis-à-vis Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of WPML

1. Scope of the processing of personal data

We use WPML from OnTheGoSystems Limited, 22/F 3 Lockhart Road, Wanchai, Hong Kong (hereinafter
referred to as: WPML). WPML is a multilingual plugin for WordPress. We use WPML to display our online
presence in different languages. When you visit our online presence, WPML stores a cookie on your end
device to save the language setting you have selected. This allows personal data to be stored and analyzed,
in particular the user’s activity (in particular which pages have been visited and which elements have been
clicked on) as well as device and browser information (in particular the IP address and operating system).
Further information on the processing of data by WPML can be found here:
https://wpml.org/de/documentation-3/privacy-policy-and-gdpr-compliance/
Purpose of data processing of personal data
The use of WPML enables us to display our online presence in multiple languages.

3. Legal basis for the processing of personal data

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in
addressing visitors to our online presence in their native language.

4. Duration of storage

WPML stores cookies on your end device. Information on the storage duration of cookies can be found at:
https://wpml.org/documentation/privacy-policy-and-DSGVO-compliance

5. Exercising your rights

You can prevent the collection and processing of your personal data by WPML by preventing the storage of
third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can find further information on objection and removal options vis-à-vis WPML at:
https://wpml.org/de/documentation-3/privacy-policy-and-gdpr-compliance/

Use of Google Tag Manager

1. Scope of the processing of personal data

We use the Google Tag Manager (https://www.google.com/intl/de/tagmanager/) of Google LLC, 1600
Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland
Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). Google Tag
Manager can be used to manage and bundle tags from Google and third-party services and embed them on
an online presence. Tags are small code elements on an online presence that are used, among other things,
to measure visitor numbers and behaviour, to record the impact of online advertising and social channels, to
use remarketing and targeting and to test and optimize online presences. When a user visits the online
presence, the current tag configuration is sent to the user’s browser. It contains instructions as to which tags
should be triggered. Google Tag Manager triggers other tags, which in turn may collect data. Information on
this can be found in the sections on the use of the corresponding services in this privacy policy. Google Tag
Manager does not access this data.
You can find more information about Google Tag Manager
at https://www.google.com/intl/de/tagmanager/faq.html and in Google’s privacy policy:
https://policies.google.com/privacy?hl=de

2. Purpose of data processing

The purpose of processing personal data is to collect and clearly manage and efficiently integrate the
services of third-party providers.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law.
Advertising data in server logs is anonymized by Google deleting parts of the IP address and cookie
information after 9 or 18 months.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by Google by preventing the storage of
third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of
the online presence (including your IP address) and from processing this data by Google by downloading
and installing the browser plug-in available under the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
You can use the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
Further information on objection and removal options vis-à-vis Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of Twitter Analytics

1. Scope of the processing of personal data

We use the analysis tool Twitter Analytics from X Corp, 1355 Market Street, Suite 900, San Francisco, CA
94103, USA (hereinafter referred to as: Twitter).
With Twitter Analytics, we can measure interaction with Twitter users, learn the interests, locations and
origins of our followers and track how our Twitter Cards generate clicks, app installs and retweets. The
following data is processed:
– IP address (anonymized)
– Browser type
– Referrer/exit pages
– Operating system
– Time and date of access
– Clickstream data
– Views
– Clicks
– Twitter account data
Further information on the processing of data by Twitter Analytics can be found here:
https://twitter.com/de/privacy

2. Purpose of data processing

The processing of users’ personal data by Twitter Analytics enables us to analyze the performance of our
advertising on Twitter and the interactions with Twitter users. By analyzing the data obtained, we are able
to compile information about the use of the individual components of our website. This helps us to
constantly improve our advertising measures and, in this context, to increase user-friendliness.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by Twitter by preventing the storage of
third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can use the following link to deactivate the use of your personal data by Twitter:
https://twitter.com/personalization
Further information on objection and removal options vis-à-vis Twitter can be found at:
https://twitter.com/de/privacy

Use of LinkedIn Analytics

1. Scope of the processing of personal data

We use the LinkedIn Analytics analysis service of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin
2, Ireland (hereinafter referred to as LinkedIn). By using LinkedIn Analytics, pseudonymized user profiles
are created for users. The profiles are used to analyze user behavior and are used to optimize our offer.
The following data is processed:
– Information on the operating system
– Device identification
– Internet service provider
– IP address
– Referrer URL
– Browser information
Further information on the processing of data by LinkedIn can be found here:
https://www.linkedin.com/legal/privacy-policy

2. Purpose of data processing

The processing of users’ personal data by LinkedIn Analytics enables us to analyze the surfing behavior of our
users. By analyzing the data obtained, we are able to compile information about the use of the individual
components of our website. This helps us to continuously improve our online presence and, in this context, to
increase user-friendliness.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the consent of the user in accordance
with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law.

5. Exercising your rights

You have the right to withdraw your declaration of consent under data protection law at any time. The
withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by LinkedIn by preventing the storage
of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser,
deactivating the execution of script code in your browser or installing a script blocker such as NoScript
(https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can use the following link to deactivate the use of your personal data by LinkedIn:
https://www.linkedin.com/help/linkedin/answer/62931/manage-advertising-preferences
Further information on objection and removal options vis-à-vis LinkedIn can be found at
https://www.linkedin.com/legal/privacy-policy

Use of Borlabs Cookie

1. Scope of the processing of personal data

We use Borlabs Cookie, a cookie consent management tool provided by Borlabs GmbH, 22305 Hamburg,
Germany. Borlabs Cookie helps us to manage and document the consents of website visitors for cookies
and similar technologies. When visitors interact with the consent banner, Borlabs Cookie processes data
including their cookie preferences, device and browser information, IP address and consent history. This
data is essential for us to comply with legal requirements and to respect the privacy preferences of our
visitors.

2. Purpose of data processing

The main purpose of using Borlabs Cookie is to enable our website to comply with legal obligations under
the GDPR and the TDDDG. By effectively managing cookie consents, we ensure that our website respects
our visitors’ choices regarding privacy and the use of cookies and related technologies.

3. Legal basis for the processing of personal data

The processing of personal data by Borlabs Cookie is based on the legal requirement to obtain and
document the consent of website visitors for the use of cookies and similar technologies in accordance with
Art. 6 para. 1 (c) GDPR and § 25 TDDDG.

4. Duration of storage

The personal data collected by Borlabs Cookie will be stored for as long as necessary to document consent
and comply with legal obligations. The retention period is determined by legal requirements for the
documentation of consent. The data is securely deleted as soon as it is no longer needed for its intended
purpose or when the legal retention periods expire.

5. Exercising your rights

For more information about how Borlabs Cookie processes personal data and about visitors’ rights, please
refer to Borlabs Cookie’s privacy policy at: Borlabs Privacy Policy.

Integration of plugins via external service providers

1. Description and scope of data processing

We integrate certain plugins on our website via external service providers in the form of content delivery
networks. When you visit our website, a connection is established to the servers of the providers we use to
retrieve content and store it in the cache of the user’s browser. As a result, personal data may be stored and
analyzed in server log files, in particular device and browser information (especially the IP address and
operating system). We use the following services:

  • Softgarden
2. Purpose of data processing

The use of the functions of these services serves to deliver and accelerate online applications and content.

3. Legal basis for data processing

This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest
in the technically error-free presentation and optimization of its website.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law.

5. Exercising your rights

Information on exercising your rights against Softgarden can be found at:
https://app.softgarden.io/just-hire/data-privacy

This privacy policy was created with the support of DataGuard.

Overview

Customer Journey Mapping

Collaborate across teams to create customer journeys

Customer Journey Management

Merge your journey maps with a framework designed for your company

Customer Journey Analytics

Connect data sources with your customer journeys and touchpoints

Customer Journey Orchestration

Distribute relevant insights and trigger actions – continuously and automatically

Success Story

Generali Switzerland's Customer Journey Management

Overview

cxomni Journey Mapping Tool

A Customer Journey Mapping tool for best in class experiences.

cxomni Journey Mapping Framework

Your toolbox for a standardized CX/UX taxonomy

cxomni Journey Analytics

Connect all data sources at Touchpoints and Customer Journeys

cxomni Actions Manager

Orchestrate insights on requirements and recommendations for action

Playbook

Introduction of a holistic Journey Management Framework

Overview

cxomni Blog

Everything you need to know about Customer Journey Management and Customer Experience

CX Expert Webinars & Events

Learn more about our upcoming events, webcasts and webinars

Best Practice Downloads

Informative guides, whitepapers and case studies to download

CX Expert Webcast

Achieving Excellence through Journey Management

Overview

Why cxomni?

cxomni was founded as a start-up in Munich and is a thought leader for Customer Journey Management

Jobs & Career

Become part of a dynamic start-up

Information Security & Data Protection

Information security & data protection are key elements of cxomni platform

Subscribe to our Newsletter

Current Topics & News about Customer Journey Management