Personal data is all information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
1. responsible person
The person responsible for data processing within the meaning of the DSGVO, other data protection laws applicable in the member states of the European Union and other regulations of a data protection nature is
Represented by: Managing Director: Alois Maier
2. purposes of data use, legal basis and our legitimate interests
A use of this website is basically possible without any indication of personal data. If such data is collected, the following applies:
a. Collection of general data and information and its purpose
Through this website, we collect various general data and information with each visit. We store these in the so-called log files of the server. can be recorded:
- the browser types and versions you use, together with information about the type and model of your display device,
- the operating system you use,
- the website from which you can access our website (so-called referrer),
- the sub-internet pages, which are accessed via an accessing system on our website,
- the date and time of your visit to our website,
- Your Internet Protocol (IP) address,
- Your Internet service provider and- other similar data and information that serves to prevent and defend against attacks on our IT systems.
We do not draw any conclusions about your person from this data and information. We need this information in order to display our website correctly, to ensure the functionality of our IT systems and our website, and to be able to provide law enforcement agencies with the information necessary for prosecution in the event of criminal offences. This is a legitimate interest within the meaning of Art. 6 para. 1 sentence 1 letter f) DSGVO, which, if necessary, is the legal basis for any processing of personal data in this context.
We store the anonymous data of the server log files separately from any personal data entered by you.
Furthermore, the contents of our website are partly loaded from external servers (Google fonts). The aforementioned data is also transferred to these servers, so that third parties can also access them. The use of these components increases the security, speed and user-friendliness of our website. For the processing of your personal data in this context we obtain your consent, which can be revoked at any time, Art. 6 para. 1 p. 1 lit. a) DSGVO.
b. Collection of personal data and its purpose
On our website there are several ways to get in contact with us. For example, you can contact us via the e-mail address we have provided or use a contact form or corresponding function. When you contact us in this way, we store the personal data you enter. Which data is collected in each case is determined by the type of communication or the fields of the form used.
Such voluntarily submitted data will be stored by us for the purpose of processing your inquiries and/or contacting you. We do not pass on personal data to third parties. When contacting us, data is collected in accordance with Art. 6 Para. 1 S. 1 lit. b) DSGVO. It is then required for the implementation of pre-contractual measures. If a contract is concluded, the data is also collected in accordance with Art. 6 para. 1 sentence 1 lit. b) DSGVO.
Should the processing of personal data be necessary and there is no legal basis for such a processing in accordance with the above-mentioned regulations, we will obtain your consent. In such cases Art. 6 para. 1 sentence 1 lit. a) DSGVO would be the legal basis for data processing.
c. Automated decision making
No automated decision making or profiling takes place.
3. duration of storage
We store your personal data only as long as we are obliged to do so by law (e.g. tax laws). After the relevant retention period has expired, we routinely delete the relevant data if it is no longer required for contract fulfillment or contract initiation. If the storage purpose ceases to apply before the expiry of a statutory retention period, we delete the corresponding data immediately. If we have to delete data because you have exercised your right to intervene, this will also be done immediately.
4. your rights
a. Right to confirmation (Art. 15 DSGVO)
You have the right to request confirmation as to whether we are processing personal data concerning you. Any such requests should be addressed to us. If you make the request electronically, we will provide the information in a standard electronic format unless you specify otherwise.
b. Right to information (Art. 15 DSGVO)
If we process personal data concerning you, you have the right to receive free information from us at any time about the personal data stored about you and a copy of this data. You can also request information about the following information from us:
- the processing purposes;
- the categories of personal data that are processed;
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular in the case of recipients in third countries or international organizations;
- if possible, the envisaged duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;
- the existence of a right of rectification or erasure of personal data concerning you or of a right to limit processing by us or to object to such processing;
- the existence of a right of appeal to a supervisory authority;
- if the personal data is not collected from you, all available information on the origin of the data;
- the existence of an automated decision-making process, including profiling, in accordance with Art. 22, paras. 1 and 4 of the DPA, and - at least in these cases - meaningful
Information about the logic involved and the scope and intended effects of such processing for you.
You also have the right to know whether we transfer personal data to a third country or to an international organization. If we do so, you have the right to be informed of the appropriate guarantees relating to the transfer.
You can contact us at any time to exercise the aforementioned rights to information. If you make the request electronically, we will provide the information in a standard electronic format unless you specify otherwise.
c. Right of rectification (Art. 16 DSGVO)
You have the right to request the immediate correction of incorrect personal data concerning you and, taking into account the purposes of the processing, the completion of incomplete personal data, also by means of a supplementary declaration. Corresponding inquiries should be addressed to us.
d. Right to cancellation (right to be forgotten) (art. 17 DSGVO)
You can demand that the personal data concerning you be deleted immediately if one of the following reasons applies:
- the personal data is no longer necessary for the purposes for which it was collected or otherwise processed
- you revoke your consent on which the processing was based pursuant to Art. 6 para. 1 sentence 1 lit. a) DSGVO or Art. 9 para. 2 a) DSGVO and there is no other legal basis for the processing;
- you object to the processing in accordance with Art. 21 para. 1 FADP and there are no legitimate reasons for the processing, or you object to the processing in accordance with Art. 21 para. 2 FADP;
- the personal data have been processed unlawfully;
- the deletion of the personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which we are subject, or
- the personal data has been collected in relation to information society services offered in accordance with Art. 8 para. 1 DSGVO
If one of the above reasons applies and you would like us to delete your personal data, you can contact us at any time.
e. Right to limitation of processing (Art. 18 DSGVO)
You have the right to request us to restrict processing if one of the following conditions is met:
you contest the accuracy of the personal data, for a period of time that allows us to verify the accuracy of the personal data
the processing is unlawful, you object to the deletion of the personal data and instead demand the restriction of the use of the personal data;
we no longer need the personal data for the purposes of the processing, but you need the personal data to assert, exercise or defend legal claims; or
You have lodged an objection to the processing pursuant to Art. 21 para. 1 DSGVO and it is not yet clear whether our legitimate reasons outweigh yours.
- If one of the above reasons applies and you would therefore like to request a restriction of the processing of your data, you can contact us at any time.
- If the processing has been restricted by us, we may process this personal data - apart from storing it - only with your consent or for the purpose of asserting, exercising or
- defending legal claims or protecting the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State.
f. Right to data transferability (Art. 20 DSGVO)
You have the right to receive the personal data concerning you which you have provided us with in a structured, common and machine-readable format. You also have the right to transfer this data to third parties without hindrance from us, provided that the processing is based on the consent pursuant to Art. 6 para. 1 sentence 1 lit. a) DSGVO or Art. 9 para. 2 a) DSGVO or on a contract pursuant to Art. 6 para. 1 sentence 1 lit. b) DSGVO and that the processing is carried out using automated procedures. Furthermore, you have the right to demand that the personal data be transferred directly from us to third parties, as far as this is technically feasible and provided that this does not affect the rights and freedoms of other persons.
These rights do not apply if the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us. You can contact us at any time to assert your right to data transfer.
g. Right to object (Art. 21 DSGVO)
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you that is carried out pursuant to art. 6, paragraph 1, sentence 1, letter e) or f) of the Privacy Code.
In the event of an objection, we will no longer process the personal data unless we can prove compelling reasons for processing worthy of protection that outweigh your interests, rights and freedoms, or unless the processing serves the assertion, exercise or defence of legal claims.
If personal data are processed for the purpose of direct advertising, you can also object to this at any time. We will then no longer process your data for this purpose.
In addition, you have the right to object, for reasons arising from your particular situation, to the processing of personal data concerning you which is carried out by us for scientific or historical research purposes or for statistical purposes in accordance with Art. 89, paragraph 1 of the DPA, unless such processing is necessary for the performance of a task carried out in the public interest.
You can contact us at any time to assert your right to object. You may also exercise your right of objection in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures involving technical specifications.
h. Right to revoke a data protection consent (Art. 7 DSGVO)
You have the right to revoke your consent to the processing of personal data at any time. You can send us corresponding messages. Revocation does not affect the lawfulness of the data processing carried out up to the time of receipt.
i. Right of complaint (Art. 77 DSGVO)
You have the right to lodge complaints with the relevant supervisory authority at any time. You must contact them for this purpose.
5. further information
Please note that the provision of personal data is partly required by law (e.g. tax laws) and/or may result from contractual obligations (e.g. data of the contractual partner). It is also required for the conclusion of a contract.
You only need to provide us with personal data if you wish to contact us or conclude a contract with us. If you do not provide us with data in such cases, we will not be able to contact you or conclude contracts.
a. General information
Information is stored in the cookie that is related to the specific terminal device used. This makes it possible, for example, to trace which websites the user has visited. In addition to information on pages called up, the data may also contain details of the user's e-mail address and name. Furthermore, surfing habits can be transmitted to the website operator or tracking or web analysis systems.
Many cookies contain a so-called cookie ID. This is a unique identifier of the cookie, which consists of a string of characters. This allows Internet pages and servers to be assigned to the Internet browser in which the cookie was stored. These assigned Internet pages and servers can then recognize and identify a particular Internet browser by means of the unique cookie ID and thus distinguish it from other browsers.
The user of such an Internet page does not then have to enter his access data each time he accesses the site, for example. This is done automatically via the corresponding function on the website and the cookie stored in the browser.
b. Technically not necessary cookies
Cookies that are not technically necessary are all those cookies that are not absolutely technically necessary for the operation of a website and the provision of specific page functions. Cookies that are not technically necessary can be divided into the function groups "cookies for user preferences", "cookies for performance and statistics" and "cookies for marketing", but also into so-called "non-persistent cookies" and "persistent cookies".
"Cookies for user preferences" are used to recognize users and their settings when they return to a website. "Cookies for performance and statistics" are used to analyze the use of websites and user behavior. "Cookies for marketing" are used to analyze the visit of a website (e.g. which links were clicked, which subpages were visited).
So-called "non-persistent cookies" are only stored for the duration of a user session. They ensure, for example, that the visitor does not have to log in again and again when surfing a password-protected website. "Persistent cookies" are stored in the user's browser to enable tracking across sessions. These are persistent cookies that are permanently stored on the client.
Cookies that are not technically necessary include all cookies from third-party applications (so-called third party cookies), which are used to track a certain surfing behavior of site visitors for marketing, market research, market analysis or cooperation purposes. These cookies include in particular cookies from tracking and analysis tools (e.g. Google Analytics), cookies from affiliate services, cookies from remarketing services (e.g. Google Ads), cookies from social media plug-ins (e.g. Facebook, Instagram, Google+, LinkedIn, Pinterest, Twitter), cookies from video embedding applications (e.g. Vimeo, Youtube), cookies from scalable centralized measurement methods (SZM) or cookies relating to online map services such as Google Maps and OpenStreetMaps. When using cookies that are not technically necessary, we will obtain your consent, which can be revoked at any time, before using them. The legal basis for this is Art. 6 para. 1 sentence 1 lit. a) DSGVO.
c. Technically necessary cookies
Technically necessary cookies, on the other hand, are all those cookies that are necessary for the operation of a website and its functions. Technically necessary cookies are in particular so-called session cookies, which save certain settings of the user (e.g. the shopping cart, language settings or log-in data), flash cookies for playing back media content, cookies set by integrated payment service providers, provided that they do not analyze specific usage behavior, but only serve to prepare possible payments or to check payment legitimacy, or opt-out cookies, with which cookie consents can be revoked.
If technically necessary cookies are used, Art. 6 para. 1 sentence 1 lit. f) DSGVO constitutes the legal basis for the processing of your personal data.
d. "session cookies"
We use so-called "session cookies" on our website and thus technically necessary cookies, which are only stored for the duration of your current visit to our online presence (e.g. to enable the storage of your login status or the use of our online offer at all). In a "session cookie" a randomly generated unique identification number is stored, a so-called session ID. In addition, a "session cookie" contains information about its origin and the storage period. These "session cookies" cannot store any other data. "Session cookies are deleted when you stop using our online services and log out or close the browser, for example.
Your settings made in the cookie settings are stored on your computer or mobile device. Therefore, you do not need to change them again if you delete your browsing history or use a different device or Internet browser.
You can object to the use of technically necessary cookies and thus to the use of our "session cookies" at any time by making the appropriate settings in your browser to prevent cookies from being set by our website. The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, how to have your browser inform you when you receive a new cookie or how to delete all cookies you have already received and block the browser for all further cookies. If you permanently object to the setting of cookies, please note that this may result in our website, or at least part of our website, not being available and therefore some functions not being able to be used.
e. Google Fonts
On our website we use Google Fonts. These are the "Google Fonts" of the company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, ("Google"). For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
You do not need to sign in or provide a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google Account, you do not need to worry about your Google Account information being submitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this information.
Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to its users free of charge.
With Google Fonts we can use fonts on our website. Google Fonts is an important component to keep the quality of our website high. All Google fonts are automatically optimized for the web. This saves data volume and is a great advantage especially for the use with mobile devices. If you visit our website, the low file size ensures a fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can visually distort some texts or entire websites. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We use Google Fonts to make our online service as beautiful and consistent as possible.
When you visit our website, the fonts are reloaded via a Google server. This external call transfers data to the Google servers. In this way, Google also recognizes that you visit our website via your IP address. The Google Fonts API was developed to reduce the use, storage and collection of end user data to what is necessary for a proper provision of fonts. API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software sector.
Google Fonts stores CSS and font requests at Google. Through the collected usage figures, Google can determine how well each font is received. Google publishes the results on internal analysis pages, such as Google Analytics.
Through each Google Font request, information such as language settings, IP address, browser version, screen resolution of the browser and name of the browser is automatically transmitted to the Google servers. Whether this data is also stored is not clearly ascertainable or is not clearly communicated by Google.
Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google style sheet. A stylesheet is a style template that allows you to easily and quickly change, for example, the design or font of a web page.
The font files are stored at Google for one year. Google's goal is to improve the loading time of websites. If millions of websites refer to the same fonts, they are cached after the first visit and reappear immediately on all other websites visited later.
In connection with the storage of your personal data in the context of Google Fonts, we expressly point out the following:
For the United States of America, there is no adequacy finding by the Commission pursuant to Art. 45 DSGVO. Until the ruling of the European Court of Justice, ruling of 16 July 2020, ref. no. C-311/18, Google LLC was legally able to invoke the guarantees pursuant to Art. 46 DSGVO with regard to data protection. Information on this was available for you at: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
In the opinion of the European Court of Justice (hereinafter ECJ), there is no adequate level of protection in the USA within the meaning of Art. 45 (1) DSGVO. According to its interpretation, the PRISM and UPSTREAM programs of the American security authorities, which have been reviewed by the ECJ, enable comprehensive and unprompted state mass surveillance. According to the ECJ, Internet traffic is read widely and made accessible to secret services based on specific selectors. Moreover, judicial control is not or only to a limited extent possible. According to the ECJ, this is not remedied by the ombudsman, to whom those affected can turn in the event of possible legal violations: The EuGH doubts whether this is "unabhängig″ and can make binding decisions for the secret services. As the ECJ has declared the privacy shield principles to be invalid, we would like to point out that if you have given your consent in accordance with Art. 49 para. 1 sentence 1 lit. a) DSGVO, your data will be processed by Google in the USA. The USA is considered by the ECJ to be a country with an inadequate level of data protection according to EU standards. There is therefore a particular risk that your data may be processed by US authorities for control and monitoring purposes, possibly without the possibility of legal recourse. For this reason, we obtain your consent, which can be revoked at any time, within the framework of cookie consent in accordance with Art. 49 para. 1 sentence 1 lit. a) DSGVO. You can proceed as described in section 6, 6.d. You can therefore prevent the setting of cookies / data processing as described in the previous bullet point (6. Cookies) and thus permanently object to it. You can also delete cookies that have already been set. All these options also apply to the cookies set by Google. You can find more information on this under Privacy Settings.
The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transferred to Google when the page is called up. To delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=331593074497. You prevent the data storage if you have not given your consent according to Art. 49 para. 1 p. 1 lit. a) DSGVO.
Unlike other web fonts, Google allows us unlimited access to all fonts. This means that we have unlimited access to a large number of fonts and can thus achieve the optimum for our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=331593074497.
You can also find out which data is generally collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.
f. Google Tag Manager
We use the Google Tag Manager on our website: Google Tag Manager is a solution that allows marketers to manage website tags through one interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect any personal information. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If disabled at the domain or cookie level, it will remain disabled for all tracking tags implemented by Google Tag Manager.
g. Google Analytics (with anonymization feature)
We use the Google Analytics service (with anonymization function) on this website. This service collects, collects and evaluates data on the behaviour of users of a website. This data is used to optimize a website and for cost-benefit analysis of internet advertising.
The operating company of the Google Analytics component is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
We use the addition "_gat._anonymizeIp" for the use of Google Analytics. If you access our Internet pages from a member state of the European Union or from another state that is a signatory to the Agreement on the European Economic Area, this will result in the IP address of your Internet connection being shortened and made anonymous by Google.
Google uses the information collected to obtain detailed information about the use of our website. Google then makes this information available to us in the form of corresponding reports. They are the basis for further services of Google, which are connected with the use of our website.
The analysis by Google is carried out via a cookie set on the user's browser. Each time our website is accessed, this cookie causes the browser to forward usage data to Google. Google uses this data to record the origin of visitors and the number of clicks and to calculate its commissions accordingly.
The cookie stores personal data, such as
IP address of the Internet connection you use,
the time of the call, the location from which the call originated and
the frequency of the calls.
Our website transmits this personal data to Google in the United States of America with every visit. Google stores them there. We have no influence on the further processing and use of the data by Google and can therefore not take responsibility for this.
For the United States of America, there is no adequacy decision of the Commission according to Art. 45 DSGVO. Until the ruling of the European Court of Justice, ruling of 16 July 2020, Case No. C-311/18, Google LLC was legally able to invoke the guarantees pursuant to Art. 46 DSGVO with regard to data protection. Information on this was available for you at: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
The following also applies in connection with Google Analytics: According to the ECJ, there is no adequate level of protection in the USA within the meaning of Art. 45 (1) DSGVO. According to its interpretation, the ECJ reviewed PRISM and UPSTREAM programs of the US security authorities enable comprehensive and unprompted government mass surveillance. According to the ECJ, Internet traffic is read widely and made accessible to secret services based on specific selectors. Moreover, judicial control is not or only to a limited extent possible. According to the ECJ, this is not remedied by the ombudsman, to whom those affected can turn in the event of possible legal violations: The EuGH doubts whether this is "unabhängig″ and can make binding decisions for the secret services. Since the ECJ has declared the privacy shield principles to be invalid, we would like to point out that if you have given your consent in accordance with Art. 49 para. 1 sentence 1 lit. a) DSGVO, your data will be processed by Google in the USA. The USA is considered by the ECJ to be a country with an inadequate level of data protection according to EU standards. There is therefore a particular risk that your data may be processed by US authorities for control and monitoring purposes, possibly without the possibility of legal recourse. For this reason, we obtain your consent, which can be revoked at any time, in accordance with Art. 49 Para. 1 S. 1 lit. a) DSGVO. You can proceed as described under item 6, 6.d. You can therefore prevent the setting of cookies / data processing as described in the previous bullet point (6. Cookies) and thus permanently object to it. You can also delete cookies that have already been set. All these options also apply to the cookies possibly set by Google. You can find more information on this under Privacy Settings.
You can also object to Google collecting and processing data about you and thus prevent this. To do so, you must install a browser add-on under the link
Alternatively, or when using browsers on mobile devices, you can prevent the collection of your data by clicking on the button at the bottom left of the window, where you can set the collection accordingly.
We have concluded a contract with Google for commissioned data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
7. contact form
If you use our contact form to get in touch with us, we store the information from the form on our system to enable us to process your inquiry and answer it as well as to enable us to answer any questions you may have. By using the contact form you agree to this. You can revoke this consent at any time informally (e.g. by e-mail). In this context, the data will be processed on the basis of your consent in accordance with Art. 6 para. 1 p. 1 lit. a) DSGVO. We will not pass on this data to third parties without your consent.