Privacy Policy

Privacy Policy

We are very pleased about your interest in our company. Data protection has an exceptionally high priority for the management of Systemic Epigenetics. The use of the Systemic Epigenetics websites is generally possible without providing any personal data. However, if a data subject wishes to use special services of our company via our website, the processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in compliance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to Systemic Epigenetics. Through this privacy policy, our company intends to inform the public about the type, scope, and purpose of the personal data we collect, use, and process. Furthermore, data subjects are informed of their entitled rights through this privacy policy.

Systemic Epigenetics, as the party responsible for processing, has implemented numerous technical and organizational measures to ensure the most comprehensive protection possible of the personal data processed via this website. Nevertheless, internet-based data transmissions can generally have security gaps, so absolute protection cannot be guaranteed. For this reason, every affected person is free to transmit personal data to us via alternative means, for example by telephone.

1. Definitions

The privacy policy of Systemic Epigenetics is based on the terms used by the European legislative and regulatory authorities when enacting the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easily readable and understandable for both the public and our customers and business partners. To ensure this, we would like to explain the terms used in advance.

In this privacy policy, we use, among others, the following terms:

a) Personal Data

Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). A natural person is considered identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific characteristics that are an expression of the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b) Data subject

A data subject is any identified or identifiable natural person whose personal data is processed by the controller.

c) Processing

Processing means any operation or set of operations performed on personal data, whether or not by automated means, such as collecting, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, dissemination or otherwise making available, aligning or combining, restricting, erasing or destroying.

d) Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

e) Profiling

Profiling is any form of automated processing of personal data that consists of using this personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects regarding work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of this natural person.

f) Pseudonymization

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that these additional information is kept separately and is subject to technical and organizational measures that ensure that the personal data are not assigned to an identified or identifiable natural person.

g) Controller or person responsible for processing

The controller or person responsible for processing is the natural or legal person, authority, institution, or other body which alone or jointly with others determines the purposes and means of the processing of personal data. If the purposes and means of this processing are determined by Union law or the law of the Member States, the controller or the specific criteria for their appointment may be provided for by Union law or the law of the Member States.

h) Processor

A processor is a natural or legal person, authority, agency, or other body that processes personal data on behalf of the controller.

i) Recipient

A recipient is a natural or legal person, authority, agency, or other body to whom personal data is disclosed, regardless of whether they are a third party or not. However, authorities that may receive personal data in the context of a specific investigation mandate under Union law or the law of the Member States are not considered recipients.

j) Third party

A third party is a natural or legal person, authority, institution, or other body other than the data subject, the controller, the processor, and the persons who are authorized to process personal data under the direct authority of the controller or the processor.

k) Consent

Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes in the form of a statement or other clear affirmative action, by which the data subject signifies agreement to the processing of personal data relating to them.

2. Name and address of the controller responsible for processing

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union, and other provisions with a data protection character is:

Systemische Epigenetik

Georg-Alexander Reuther

Hohenzollernstr. 74

80801 Munich

Germany

Tel.: 089 12287585

E-Mail: re*****@********************ik.com

Website: www.systemische-epigenetik.com

3. Collection of General Data and Information

The website of Systemic Epigenetics collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information are stored in the server’s log files.

The following may be recorded: (1) the types and versions of browsers used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrer), (4) the subpages accessed on our website via an accessing system, (5) the date and time of access to the website, (6) an Internet Protocol (IP) address, (7) the Internet service provider of the accessing system, and (8) other similar data and information used for security purposes in the event of attacks on our information technology systems.

When using these general data and information, Systemic Epigenetics does not draw any conclusions about the data subject. Rather, this information is required in order to (1) correctly deliver the content of our website, (2) optimize the content of our website as well as its advertising, (3) ensure the long-term functionality of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyberattack.

These anonymously collected data and information are therefore evaluated by Systemic Epigenetics both statistically and with the aim of increasing data protection and data security within our company, in order to ultimately ensure an optimal level of protection for the personal data we process.

The anonymous data of the server log files are stored separately from any personal data provided by a data subject.

4. Routine Deletion and Blocking of Personal Data

The controller processes and stores personal data of the data subject only for the period necessary to achieve the storage purpose or as provided for by the European directive and regulation authorities or another legislator in laws or regulations to which the controller is subject.

If the storage purpose no longer applies or a storage period prescribed by the European directive and regulation authorities or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with legal requirements.

5. Rights of the Data Subject

a) Right to Confirmation

Every data subject has the right granted by the European legislators to request from the controller a confirmation as to whether personal data concerning them is being processed. If a data subject wishes to exercise this right to confirmation, they can contact an employee of the controller at any time.

b) Right of Access

Every person affected by the processing of personal data has the right granted by the European legislators to obtain from the controller at any time and free of charge information about the personal data stored about them and a copy of this information. Furthermore, the European legislators have granted the data subject access to the following information:

c) Right to Rectification

Every data subject affected by the processing of personal data has the right granted by the European legislator to obtain from the controller without undue delay the rectification of inaccurate personal data concerning them. Furthermore, the data subject has the right, taking into account the purposes of the processing, to have incomplete personal data completed — including by means of providing a supplementary statement.

If a data subject wishes to exercise this right of rectification, they may contact any employee of the controller at any time.

---

d) Right to Erasure (Right to be Forgotten)

Every data subject affected by the processing of personal data has the right granted by the European legislator to obtain from the controller the erasure of personal data concerning them without undue delay, provided that one of the following grounds applies and insofar as the processing is not necessary:

The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.

The data subject withdraws consent on which the processing is based pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, and there is no other legal ground for the processing.

The data subject objects to the processing pursuant to Art. 21(1) GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21(2) GDPR.

The personal data have been unlawfully processed.

The deletion of the personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.

The personal data were collected in relation to information society services offered pursuant to Art. 8(1) GDPR.

If one of the above-mentioned reasons applies and a data subject wishes to request the deletion of personal data stored by Systemic Epigenetics, they can contact an employee of the controller responsible for processing at any time. The employee of Systemic Epigenetics will ensure that the deletion request is complied with without delay.

If the personal data has been made public by Systemic Epigenetics and our company, as the controller pursuant to Art. 17 para. 1 GDPR, is obliged to delete the personal data, Systemic Epigenetics shall, taking into account the available technology and implementation costs, take appropriate measures, including technical ones, to inform other controllers processing the published personal data that the data subject has requested from these other controllers the deletion of all links to this personal data or copies or replications of this personal data, insofar as the processing is not necessary. The employee of Systemic Epigenetics will take the necessary action on a case-by-case basis.

e) Right to restriction of processing

Any person concerned with the processing of personal data has the right granted by the European directive and regulation legislator to request the controller to restrict processing if one of the following conditions is met:

The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.

The processing is unlawful, the data subject refuses the deletion of personal data and instead requests the restriction of the use of personal data.

The controller no longer needs the personal data for the purposes of processing, but the data subject needs them for the establishment, exercise, or defense of legal claims.

The data subject has objected to the processing pursuant to Art. 21(1) GDPR, and it has not yet been determined whether the legitimate grounds of the controller override those of the data subject.

If one of the above-mentioned conditions is met and a data subject wishes to request the restriction of personal data stored at Systemic Epigenetics, they may contact an employee of the controller at any time. The employee of Systemic Epigenetics will initiate the restriction of processing.

f) Right to data portability

Every person affected by the processing of personal data has the right granted by the European legislators of directives and regulations to receive the personal data concerning them, which was provided by the data subject to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that the processing is based on consent according to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract according to Art. 6(1)(b) GDPR and the processing is carried out using automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, the data subject has the right, when exercising their right to data portability pursuant to Art. 20 para. 1 GDPR, to request that the personal data be transmitted directly from one controller to another controller, insofar as this is technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.

To assert the right to data portability, the data subject can at any time contact an employee of Systemic Epigenetics.

g) Right to object

Any person concerned with the processing of personal data has the right granted by the European legislators and regulators to object at any time, for reasons arising from their particular situation, to the processing of personal data concerning them that is carried out pursuant to Art. 6(1)(e) or (f) of the GDPR. This also applies to profiling based on these provisions.

Systemic Epigenetics will no longer process personal data in the event of an objection, unless we can demonstrate compelling legitimate reasons for the processing that override the interests, rights, and freedoms of the data subject, or the processing serves the assertion, exercise, or defense of legal claims.

If Systemic Epigenetics processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data for such marketing purposes. This also applies to profiling, insofar as it is related to such direct marketing. If the data subject objects to the processing for direct marketing purposes to Systemic Epigenetics, Systemic Epigenetics will no longer process the personal data for these purposes.

In addition, the data subject has the right to object, on grounds relating to their particular situation, to the processing of personal data concerning them carried out by Systemic Epigenetics for scientific or historical research purposes or for statistical purposes in accordance with Art. 89(1) GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.

To exercise the right to object, the data subject can contact any employee of Systemic Epigenetics directly or another employee. Furthermore, the data subject is free, in connection with the use of information society services, regardless of Directive 2002/58/EC, to exercise their right to object by automated means using technical specifications.

h) Automated individual decision-making including profiling

Every person affected by the processing of personal data has the right granted by the European legislators not to be subject to a decision based solely on automated processing — including profiling — which produces legal effects concerning them or similarly significantly affects them, unless the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is permitted by Union or Member State law to which the controller is subject and which contains suitable measures to safeguard the data subject’s rights and freedoms as well as legitimate interests, or (3) is based on the explicit consent of the data subject.

If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is made with the explicit consent of the data subject, Systemic Epigenetics takes appropriate measures to protect the rights and freedoms as well as the legitimate interests of the data subject, including at least the right to obtain intervention by a person on the part of the controller, to present one’s own point of view, and to contest the decision.

If the data subject wishes to exercise rights regarding automated decisions, they may contact an employee of the controller responsible for processing at any time.

i) Right to withdraw a data protection consent

Any person concerned by the processing of personal data has the right granted by the European directive and regulation legislator to withdraw consent to the processing of personal data at any time.

If the person concerned wishes to exercise their right to withdraw consent, they may contact an employee of the controller responsible for the processing at any time.

6. Data Protection Provisions on the Use and Employment of Facebook

The person responsible for processing has integrated components of the company Facebook on this website. Facebook is a social network.

A social network is an online social meeting point, an online community that usually allows users to communicate with each other and interact in the virtual space. A social network can serve as a platform for exchanging opinions and experiences or it allows the online community to provide personal or business-related information. Facebook enables users of the social network, among other things, to create private profiles, upload photos, and network through friend requests.

The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The responsible entity for the processing of personal data, if a data subject lives outside the USA or Canada, is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Each time one of the individual pages of this website, which is operated by the controller responsible for processing, and on which a Facebook component (Facebook plug-in) has been integrated, is called up, the internet browser on the information technology system of the data subject is automatically caused by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be accessed at https://developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical procedure, Facebook becomes aware of which specific subpage of our website is visited by the data subject.

If the affected person is simultaneously logged into Facebook, Facebook recognizes with each visit of our website by the affected person and during the entire duration of the respective stay on our website which specific subpage of our website the affected person visits. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the affected person. If the affected person clicks one of the Facebook buttons integrated on our website, for example the “Like” button, or leaves a comment, Facebook assigns this information to the personal Facebook user account of the affected person and stores this personal data.

Facebook receives information via the Facebook component that the person concerned has visited our website whenever the person concerned is logged into Facebook at the time of accessing our website; this occurs regardless of whether the person concerned clicks on the Facebook component or not. If the person concerned does not want such transmission of information to Facebook, they can prevent the transmission by logging out of their Facebook account before accessing our website.

The data policy published by Facebook, which can be accessed at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing, and use of personal data by Facebook. Furthermore, it explains the settings options that Facebook offers to protect the privacy of the person concerned. In addition, various applications are available that make it possible to suppress the transmission of data to Facebook. Such applications can be used by the person concerned to suppress the transmission of data to Facebook.

7. Data protection regulations on the use and application of Getty Images images

The party responsible for processing has integrated components from the company Getty Images on this website. Getty Images is an American image agency. An image agency is a company that offers images and other visual material on the market. Image agencies generally market photographs, illustrations, and film footage. Through an image agency, different customers, in particular website operators, editorial offices of print and TV media, and advertising agencies, license the images they use from them.

The operating company of the Getty Images components is Getty Images International, 1st Floor, The Herbert Building, The Park, Carrickmines, Dublin 18, Ireland.

Getty Images allows the (possibly free) embedding of stock images. Embedding is the inclusion or integration of specific external content, such as text, video, or image data, provided by an external website and then appearing on your own website. An embedding code is used for embedding. An embedding code is HTML code that is integrated into a website by a website operator. Once an embedding code has been integrated by a website operator, the external contents of the other website are displayed immediately by default whenever the website is visited. For displaying the external content, the external contents are loaded directly from the other website. Getty Images provides further information about embedding content at the link http://www.gettyimages.de/resources/embed.

Through the technical implementation of the embedding code that enables the display of images from Getty Images, the IP address of the internet connection through which the data subject accesses our website is transmitted to Getty Images. Furthermore, Getty Images collects our website, the type of browser used, the browser language, the time, and the duration of the access. Additionally, Getty Images can collect navigation information, that is, information about which of our subpages were visited by the data subject and which links were clicked, as well as other interactions performed by the data subject during their visit to our website. These data can be stored and evaluated by Getty Images.

Further information and the applicable privacy policies of Getty Images can be accessed at http://www.gettyimages.de/enterprise/privacy-policy.

8. Privacy policies regarding the use and deployment of Google Analytics (with anonymization function)

The person responsible for processing has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analytics service. Web analytics is the collection, gathering, and evaluation of data about the behavior of visitors to websites. A web analytics service captures, among other things, data on which website a person came from to reach a website (so-called referrers), which subpages of the website were accessed, or how often and for how long a subpage was viewed. Web analytics is primarily used to optimize a website and for cost-benefit analysis of online advertising.

The operating company of the Google Analytics component is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA.

The person responsible for processing uses the add-on “_gat._anonymizeIp” for web analysis via Google Analytics. This add-on causes Google to shorten and anonymize the IP address of the internet connection of the data subject when accessing our websites from a member state of the European Union or from another contracting state of the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyze visitor flows on our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us that show the activities on our websites, and to provide other services related to the use of our website.

Google Analytics sets a cookie on the information technology system of the data subject. What cookies are has already been explained above. By setting the cookie, Google is enabled to analyze the use of our website. Each time one of the individual pages of this website, which is operated by the controller responsible for processing and on which a Google Analytics component has been integrated, is accessed, the web browser on the information technology system of the data subject is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. Within the scope of this technical procedure, Google gains knowledge of personal data, such as the IP address of the data subject, which Google uses, among other things, to trace the origin of visitors and clicks and subsequently enable commission statements.

Personal information, for example the access time, the location from which an access originated, and the frequency of visits to our website by the data subject, is stored via the cookie. With each visit to our website, these personal data, including the IP address of the internet connection used by the data subject, are transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass on this personal data collected through the technical process to third parties.

The data subject can prevent the setting of cookies by our website at any time, as already described above, by means of an appropriate setting of the Internet browser used, and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a cookie on the information technology system of the data subject. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.

Furthermore, the data subject has the possibility to object to the collection of data generated by Google Analytics and related to the use of this website, as well as to the processing of such data by Google, and to prevent it.

To do so, the data subject must download and install a browser add-on available via the following link:
https://tools.google.com/dlpage/gaoptout

This browser add-on informs Google Analytics via JavaScript that no data and information about website visits may be transmitted to Google Analytics. The installation of the browser add-on is considered an objection by Google.

If the data subject’s information technology system is later deleted, formatted, or newly installed, the browser add-on must be reinstalled by the data subject in order to deactivate Google Analytics again. If the browser add-on is uninstalled or disabled by the data subject or any other person within their control, it can be reinstalled or reactivated.

Further information and Google’s applicable privacy policies can be accessed at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at this link https://www.google.com/intl/de_de/analytics/.

9. Data Protection Regulations on the Use and Application of Google+

The controller responsible for processing has integrated the Google+ button as a component on this website. Google+ is a so-called social network. A social network is an online social meeting place, an online community that usually allows users to communicate with each other and interact in virtual space. A social network can serve as a platform for exchanging opinions and experiences or allows the internet community to provide personal or business-related information. Google+ allows users of the social network, among other things, to create private profiles, upload photos, and connect through friend requests.

The operating company of Google+ is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Whenever one of the individual pages of this website operated by the controller is accessed and a Google+ button has been integrated, the internet browser on the information technology system of the data subject is automatically prompted by the respective Google+ button to download a representation of the corresponding Google+ button from Google. As part of this technical process, Google becomes aware of which specific subpage of our website is visited by the data subject. Further information about Google+ can be found at https://developers.google.com/+/

If the data subject is simultaneously logged in to Google+, Google recognizes with each visit to our website by the data subject and for the entire duration of the respective visit which specific subpage of our website the data subject is visiting. This information is collected by the Google+ button and assigned by Google to the respective Google+ account of the data subject.

If the data subject activates one of the Google+ buttons integrated on our website and thereby submits a Google+1 recommendation, Google assigns this information to the data subject’s personal Google+ user account and stores this personal data. Google stores the Google+1 recommendation of the data subject and makes it publicly available in accordance with the terms accepted by the data subject in this regard.

A Google+1 recommendation made by the data subject on this website is subsequently stored and processed together with other personal data, such as the name of the Google+1 account used by the data subject and the photo stored therein, in other Google services, for example in the search engine results of Google Search, in the data subject’s Google account, or at other locations, such as on websites or in connection with advertisements.

Furthermore, Google is able to link the visit to this website with other personal data stored by Google. Google also records this personal information for the purpose of improving or optimizing its various services.

Google receives information via the Google+ button whenever the person concerned visits our website, provided that the person concerned is simultaneously logged into Google+ at the time of accessing our website; this occurs regardless of whether the person concerned clicks on the Google+ button or not.

If the person concerned does not want personal data to be transmitted to Google, they can prevent such transmission by logging out of their Google+ account before accessing our website.

Further information and Google’s applicable privacy policies can be accessed at https://www.google.de/intl/de/policies/privacy/. Further information from Google about the Google +1 button can be accessed at https://developers.google.com/+/web/buttons-policy.

10. Privacy policies regarding the use and utilization of Instagram

The entity responsible for processing has integrated components of the Instagram service on this website. Instagram is a service that can be classified as an audiovisual platform and allows users to share photos and videos as well as to further distribute such data on other social networks.

The operating company of the Instagram services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

Each time one of the individual pages of this website, which is operated by the party responsible for processing and on which an Instagram component (Insta-Button) has been integrated, is called up, the internet browser on the information technology system of the affected person is automatically prompted by the respective Instagram component to download a display of the corresponding component from Instagram. As part of this technical process, Instagram becomes aware of which specific subpage of our website is visited by the affected person.

If the affected person is simultaneously logged into Instagram, Instagram recognizes with each visit to our website by the affected person and throughout the entire duration of the respective stay on our website which specific subpage the affected person visits. This information is collected by the Instagram component and assigned by Instagram to the respective Instagram account of the affected person. If the affected person clicks one of the Instagram buttons integrated on our website, the data and information transmitted thereby are assigned to the personal Instagram user account of the affected person and stored and processed by Instagram.

Instagram receives information via the Instagram component that the person concerned has visited our website whenever the person concerned is logged into Instagram at the time of accessing our website; this occurs regardless of whether the person concerned clicks on the Instagram component or not. If the person concerned does not want such transmission of information to Instagram, they can prevent the transmission by logging out of their Instagram account before accessing our website.

Further information and the applicable privacy policies of Instagram can be accessed at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

11. Privacy policies regarding the use and application of LinkedIn

The entity responsible for processing has integrated components of LinkedIn Corporation on this website. LinkedIn is an internet-based social network that allows users to connect with existing business contacts as well as to establish new business contacts. Over 400 million registered people use LinkedIn in more than 200 countries. This makes LinkedIn currently the largest platform for business contacts and one of the most visited websites in the world.

LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. For data protection matters outside the USA, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.

Each time our website, which is equipped with a LinkedIn component (LinkedIn plug-in), is accessed, this component causes the browser used by the person concerned to download a corresponding representation of the component from LinkedIn. Further information on LinkedIn plug-ins can be found at https://developer.linkedin.com/plugins. As part of this technical process, LinkedIn becomes aware of which specific subpage of our website is visited by the person concerned.

If the data subject is simultaneously logged into LinkedIn, LinkedIn recognizes, with each visit of our website by the data subject and for the entire duration of the respective stay on our website, which specific subpage of our website the data subject visits. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject clicks a LinkedIn button integrated into our website, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn receives information through the LinkedIn component whenever the data subject visits our website, if the data subject is simultaneously logged into LinkedIn at the time of accessing our website; this occurs regardless of whether the data subject clicks on the LinkedIn component or not. If the data subject does not want such transmission of this information to LinkedIn, they can prevent the transmission by logging out of their LinkedIn account before accessing our website.

LinkedIn offers the option at https://www.linkedin.com/psettings/guest-controls to unsubscribe from email messages, SMS messages, and targeted ads, as well as to manage ad settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame, who may set cookies. Such cookies can be declined at https://www.linkedin.com/legal/cookie-policy. LinkedIn’s applicable privacy policies are available at https://www.linkedin.com/legal/privacy-policy. LinkedIn’s cookie policy is available at https://www.linkedin.com/legal/cookie-policy.

12. Data Protection Provisions on the Use and Application of Pinterest

The controller responsible for processing has integrated components of Pinterest Inc. on this website. Pinterest is a so-called social network. A social network is an internet-based social meeting place, an online community that usually allows users to communicate with each other and interact in the virtual space. A social network can serve as a platform for exchanging opinions and experiences or allows the online community to provide personal or company-related information. Pinterest enables users of the social network, among other things, to publish collections of images and individual images as well as descriptions on virtual pinboards (so-called pinning), which can then in turn be shared by other users (so-called repinning) or commented on.

The operating company of Pinterest is Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA.

Each time one of the individual pages of this website, which is operated by the controller responsible for processing and on which a Pinterest component (Pinterest plug-in) has been integrated, is accessed, the Internet browser on the information technology system of the data subject is automatically caused by the respective Pinterest component to download a representation of the corresponding Pinterest component from Pinterest. More information about Pinterest can be found at https://pinterest.com/. As part of this technical process, Pinterest becomes aware of which specific subpage of our website is visited by the data subject.

If the data subject is simultaneously logged into Pinterest, Pinterest recognizes, with each visit of the data subject to our website and throughout the entire duration of the respective stay on our website, which specific subpage of our website the data subject visits. This information is collected by the Pinterest component and assigned by Pinterest to the respective Pinterest account of the data subject. If the data subject clicks a Pinterest button integrated into our website, Pinterest assigns this information to the personal Pinterest user account of the data subject and stores this personal data.

Pinterest receives information via the Pinterest component whenever the data subject visits our website, if the data subject is logged into Pinterest at the time of the visit; this occurs regardless of whether the data subject clicks on the Pinterest component or not. If the data subject does not want such transmission of information to Pinterest, they can prevent the transmission by logging out of their Pinterest account before visiting our website.

The privacy policy published by Pinterest, which can be accessed at https://about.pinterest.com/privacy-policy, provides information about the collection, processing, and use of personal data by Pinterest.

13. Data protection provisions on the use and application of Twitter

The party responsible for processing has integrated components from Twitter on this website. Twitter is a multilingual publicly accessible microblogging service on which users can publish and share so-called Tweets, that is, short messages limited to 140 characters. These short messages are accessible to everyone, including persons not registered on Twitter. The Tweets are also displayed to the so-called followers of the respective user. Followers are other Twitter users who follow a user’s Tweets. Furthermore, Twitter allows reaching a wide audience through hashtags, links, or retweets.

The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

Every time one of the individual pages of this website, which is operated by the controller responsible for processing, and on which a Twitter component (Twitter button) has been integrated, is accessed, the web browser on the information technology system of the data subject is automatically caused by the respective Twitter component to download a representation of the corresponding Twitter component from Twitter. Further information on the Twitter buttons can be found at https://about.twitter.com/de/resources/buttons. As part of this technical process, Twitter becomes aware of which specific subpage of our website is being visited by the data subject. The purpose of integrating the Twitter component is to enable our users to further disseminate the content of this website, to make this website known in the digital world, and to increase our visitor numbers.

If the affected person is simultaneously logged into Twitter, Twitter recognizes, with each visit to our website by the affected person and during the entire duration of the respective stay on our website, which specific subpage of our website the affected person visits. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the affected person. If the affected person clicks one of the Twitter buttons integrated on our website, the data and information transmitted thereby are assigned to the personal Twitter user account of the affected person and are stored and processed by Twitter.

Twitter receives information via the Twitter component that the person concerned has visited our website whenever the person concerned is logged into Twitter at the time of accessing our website; this occurs regardless of whether the person concerned clicks on the Twitter component or not. If the person concerned does not want such transmission of information to Twitter, they can prevent the transmission by logging out of their Twitter account before accessing our website.

The applicable data protection regulations of Twitter can be accessed at https://twitter.com/privacy?lang=de.

14. Data protection regulations for the use and application of Xing

The party responsible for processing has integrated components from Xing on this website. Xing is an internet-based social network that enables users to connect with existing business contacts and establish new business contacts. Individual users can create a personal profile on Xing. Companies can, for example, create company profiles or publish job offers on Xing.

The operating company of Xing is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Each time one of the individual pages of this website, which is operated by the controller for processing and on which a Xing component (Xing plug-in) is integrated, is accessed, the internet browser on the information technology system of the data subject is automatically caused by the respective Xing component to download a representation of the corresponding Xing component from Xing. Further information about the Xing plug-ins can be found at https://dev.xing.com/plugins. As part of this technical process, Xing becomes aware of which specific subpage of our website is visited by the data subject.

If the data subject is simultaneously logged into Xing, Xing recognizes with each visit of our website by the data subject and for the entire duration of the respective stay on our website which specific subpage of our website the data subject visits. This information is collected by the Xing component and assigned by Xing to the respective Xing account of the data subject. If the data subject clicks one of the Xing buttons integrated on our website, for example the “Share” button, Xing assigns this information to the personal Xing user account of the data subject and stores this personal data.

Xing receives information via the Xing component every time the data subject visits our website, provided that the data subject is logged into Xing at the time of accessing our website; this occurs regardless of whether the data subject clicks on the Xing component or not. If the data subject does not want such transmission of information to Xing, they can prevent this transmission by logging out of their Xing account before accessing our website.

The privacy policy published by Xing, which can be accessed at https://www.xing.com/privacy, provides information about the collection, processing, and use of personal data by Xing. Furthermore, Xing has published privacy notices for the XING share button at https://www.xing.com/app/share?op=data_protection.

15. Privacy policy regarding the use and deployment of YouTube

The person responsible for processing has integrated components from YouTube on this website. YouTube is an Internet video portal that allows video publishers to upload video clips for free and other users to also view, rate, and comment on them free of charge. YouTube allows the publication of all types of videos, which is why complete movies and TV shows, as well as music videos, trailers, or videos created by users themselves, can be accessed via the Internet portal.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Each time one of the individual pages of this website, which is operated by the party responsible for processing and on which a YouTube component (YouTube video) has been integrated, is called up, the Internet browser on the information technology system of the data subject is automatically prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. Further information about YouTube can be found at https://www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google become aware of which specific subpage of our website is visited by the data subject.

If the person concerned is logged into YouTube at the same time, YouTube recognizes, when a subpage containing a YouTube video is accessed, which specific subpage of our website the person concerned is visiting. This information is collected by YouTube and Google and assigned to the respective YouTube account of the person concerned.

YouTube and Google always receive information via the YouTube component that the person concerned has visited our website if the person concerned is logged into YouTube at the time of accessing our website; this occurs regardless of whether the person concerned clicks on a YouTube video or not. If such transmission of this information to YouTube and Google is not desired by the person concerned, they can prevent the transmission by logging out of their YouTube account before accessing our website.

The privacy policy published by YouTube, which can be accessed at https://www.google.de/intl/de/policies/privacy/, provides information about the collection, processing, and use of personal data by YouTube and Google.

16. Legal basis of the processing

17. Legitimate interests in processing pursued by the controller or a third party

If the processing of personal data is based on Article 6(1)(f) GDPR, our legitimate interest is the conduct of our business activities for the benefit of the well-being of all our employees and our shareholders.

18. Duration for which the personal data will be stored

The criterion for the duration of storage of personal data is the respective statutory retention period. After the period expires, the corresponding data will be routinely deleted, provided they are no longer required for contract fulfillment or contract initiation.

19. Legal or contractual provisions for providing personal data; necessity for contract conclusion; obligation of the data subject to provide personal data; possible consequences of non-provision

We inform you that the provision of personal data is partly required by law (e.g., tax regulations) or may also result from contractual provisions (e.g., information about the contractual partner). In some cases, it may be necessary for the conclusion of a contract that a data subject provides us with personal data, which must subsequently be processed by us.

For example, the data subject is obliged to provide us with personal data if our company enters into a contract with them. Failure to provide personal data would result in the contract not being concluded with the data subject.

Prior to providing personal data, the data subject may contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of personal data is required by law or contract, or is necessary for the conclusion of a contract, whether there is an obligation to provide the personal data, and what consequences the failure to provide such data would have.

20. Existence of automated decision-making

As a responsible company, we refrain from automatic decision-making or profiling.

This privacy policy was created using the privacy policy generator by the data protection officers in cooperation with RC GmbH, which recycles used notebooks, and the file-sharing lawyers from WBS-LAW.