Data privacy

Experience One AG’s privacy policy is based upon the terms as used in the legal regulations, e.g. those of the GDPR. To make our privacy policy as easy to read and understand as possible, the most important terms are described in the following.

Personal data

Personal data is all information related to an identified or identifiable natural person (referred to in the following text as the “data subject”). A natural person is considered identifiable if they can be identified, either directly or indirectly, by association with identifying values such as a name, identification number, location information, online identifiers (e.g. IP address) or one or more special characteristics.

Data subject

A data subject is any identified or identifiable natural person whose personal data is processed by the data processor – e.g. by means of collection, storage, or use.

Processing

Processing is any activity applied to personal data, with or without the help of automated methods (e.g. electronic processing) or any such string of activities performed on personal data, e.g. collection, organisation, storage, modification, export or publication by transfer.

Restriction on processing

Saved personal data can be marked as restricted. This is intended to prevent or hinder any further processing.

Profiling

Profiling is any form of automated processing of personal data with the intention of using this personal data to assess particular personal aspects of a natural person. This particularly relates to analysing or predicting aspects such as employment, financial situation, personal preferences or interests.

Pseudonymisation

Pseudonymisation is the processing of personal data in such a way that is it not possible to identify a specific data subject unless other additional information is also considered.

Data controller

The data controller or processor is a natural person, legal entity, authority, institution or other office that, alone or together with others, determines the purposes of the data processing and the means (i.e. tools) with which the personal data will be processed.

Commissioned data processor

The commissioned data processor is a natural person or legal entity, authority or other office that carries out the processing of personal data on behalf of the data controller.

Recipient

The recipient is a natural person or legal entity, authority or other office to which personal data is provided without being commissioned as a data processor on behalf of the data controller. Public authorities that receive personal data within the scope of their duties are not considered recipients.

Third party

A third party is a natural person or legal entity, authority or other office other than the data subject, data controller, commissioned data processor or other persons who are authorised under the direct responsibility of the data controller or commissioned data processor to process personal data, e.g. employees.

Consent

Consent is any expression of will (e.g. declaration or other unambiguous action of affirmation) given voluntarily by the data subject for specified purposes and in response to unambiguous notification and information about his or her rights by which the data subject indicates that he or she consents to have the personal data related to him or her processed.

The data controller according to the applicable data protection regulations is:

Experience One AG

Seidenstr. 19
70174 Stuttgart
Germany

Phone: +49 711 25 35 99 60
Email: hello@experienceone.com
Website: www.experienceone.com

The data controller has appointed a data protection officer in accordance with current legislation. The data protection officer can be reached at:

Tel.: +49 160 94 81 00 58
Email: datenschutz@experienceone.com

Data subjects may make direct contact with the data protection officer at any time with any questions and comments they may have regarding data protection and privacy issues.

Whenever we receive your consent for a particular processing purpose, this consent falls under Article 6 Paragraph 1 Item a of the GDPR. If personal data must be processed in order to fulfil a contract to which you are party (e.g. delivery of goods), then such processing will fall under Article 6 Paragraph 1 Item b of the GDPR.

Whenever Experience One AG has a legal obligation to process data, such as to meet tax related obligations, then such processing will fall under Article 6 Paragraph 1 Item c of the GDPR.

In rare cases, personal data may need to be processed in order to protect the life of the data subject or another natural person, e.g. if a visitor to our business were to get injured and their personal data needed to be passed on to a doctor, hospital or other third party. In these cases, processing falls under Article 6 Paragraph 1 Item d of the GDPR.

Most data processing activities fall under Article 6 Paragraph 1 Item f of the GDPR. This states that the documented legitimate interests of Experience One AG (e.g. notification of our services) are a sufficient basis for data processing, provided that the interests, fundamental rights and basic freedoms of data subjects are not infringed upon. Legitimate interests particularly include our ability to carry out business activities to ensure the wellbeing of our staff and partners.

The personal data collected via our website serves a range of purposes, some of which make use of external service providers (see below). The primary purposes (unless otherwise stated below) are:

• Web analysis / tracking:
  • Optimisation of our website for the benefit of its visitors
  • To provide evidence of possible attacks against the website and to provide information for prosecution
• Contact form:
  • To enable simple and fast contact with the company
  • To provide a means to contact relevant departments
• Application form
  • To allow potential new members of staff to submit applications

Our website uses cookies. Cookies are text files created by web browsers and stored on your computer.

Many cookies contain what is known as a “cookie ID”. A cookie ID uniquely identifies a particular cookie. These can be used to identify a particular computer or data subject, to differentiate these from others and recognise repeat visits. Using cookies allows us to provide you with certain user-friendly services which would otherwise be impossible to implement.

Further information on the usage of cookies can be found in our CookieStatement (Link within the site footer).

The data subject can prevent cookies from being set by our website by clicking on “cookies” in the footer of our website. Furthermore, any cookies that have already been set can be deleted via your web browser. Please be aware that disabling cookies may render some or all of the features on our website unusable.

Collection of general data and information

When you consent to the use of cookies via your web browser and/or by confirming as such on the cookie banner that appears on our website, we will collect a range of general data and information. This information is stored in the log files on our server. We may collect, for example:

• the browser and operating system being used
• the Internet site from which you reached our site (known as the “referrer”)
• the sub-pages accessed on our site
• the date and time of your visit as well as an anonymised/shortened form of your Internet Protocol Address (IP address)
• your Internet service provider (e.g. Deutsche Telekom)
• any other data and information that could be useful to us in the event of an attack on our systems

Experience One AG infers nothing about the data subject through the use of this general data and information. Rather, this data is required in order to:

• deliver and optimise the content of our Internet site
• ensure the ongoing functionality of our IT systems and website
• provide the necessary information to the prosecuting authorities in the event of a cyber attack

This anonymous and pseudonymous information is statically evaluated by us. The server log files are stored separately from all personal data provided by a data subject and are deleted after a period of 6 months.

Experience One AG makes use of certain services from external providers who may be based outside of the EU. Such providers include:

• Google Inc (for Google Analytics, Google Maps, Google Tag Manager, Google Google ReCaptcha – USA)
• Kenjo GmbH (Recruting - Germany)
• HubSpot, Inc. (CRM, Marketing & Advertising – USA)
• Vimeo LLC (Videos - USA)
• LinkedIn Ireland Unlimited Company (Tracking - Ireland)
• Podigee GmbH (Podcast Player and Hosting – Germany)

For more detailed information about these recipients, please see below.

Personal data will not be forwarded to third parties without your consent unless Experience One AG is legally obligated to do so.

Where your personal data is processed by Experience One AG, you have the following rights as a data subject. If you would like to exercise one of these rights, you may contact our data protection officer or a member of our staff at any time.

Right to access

All data subjects are entitled to request information from the data controller at any time about whether or not their personal data is being processed, free of charge. Furthermore, a data subject may request to see the personal information held on them and receive a copy of this. This copy of the personal data contains information on:

• the processing purpose
• the categories of personal data
• the recipients or categories of recipients, particularly where recipients are based abroad
• the intended retention period, or where this cannot be given, the criteria used to determine the retention period
• an explanation of the rights of the data subject, particularly with regard to the right to rectify, delete or restrict their data and the right to withdraw consent
• the existence of a right to legal appeal by a regulating authority
• the source of the data (if data was not received from the data subject)
• the existence of an automated decision-making process including profiling and detailed information about the logic and weightings involved, if applicable
• information about the appropriate measures taken to ensure data is protected (when transferring data abroad)

Right to rectification

If the data held about you contains errors, you are entitled to have any incorrect personal data immediately rectified. This also applies to having missing data added, with supplementary consent given where necessary.

Right to deletion (right to be forgotten) and right to restrict processing

All data subjects are entitled to request the immediate deletion of their personal data by the data controller, provided that such a request is based upon one of the following reasons and insofar as processing is not required:

• The processing purpose no longer applies, and the data is no longer required
• Consent has been withdrawn and there is no other legal basis for processing
• An objection to processing has been submitted and there are no overriding reasons why the objection should not be accepted
• Data has been processed unlawfully

The data protection officer will review the request with regard to its legitimacy and the existence of any overriding obligations (e.g. minimum retention periods for tax reasons) and inform any data recipients of the request for deletion. If it is not possible to delete the data, you will be informed of the reasons why.

Whenever the purpose for processing no longer applies, but legal retention periods have not expired, or the data is required in order to make or defend against legal claims, then it is possible for your data to be restricted.

Right to data portability

You are entitled to receive a copy of the personal data you have provided us with in a structured, common and machine-readable format. This data can then be made available to another provider or service, or you may ask us to send this data directly to them. This right applies insofar as you have given us consent to process your data. This includes automatically collected data which does not infringe upon the rights and freedoms of other persons and where this is technically possible.

Right to object

Data subjects are entitled to object to their personal data being processed for reasons resulting from their particular circumstances at any time. This also applies to profiling performed according to these conditions. The data will then no longer be processed unless we can demonstrate compelling reasons to do so that outweigh your interests. The right to object applies in particular to the use of personal data for advertising purposes.

Automated decision making for individual cases including profiling

You are entitled to not be submitted to an exclusively automated decision-making process, including profiling, that has legal consequences for you or otherwise impacts you in a negative and significant way. This applies insofar as this automated decision-making process is not necessary for the conclusion of a contract between you and Experience One AG and you have not given your explicit consent to automated decision-making.

Right to withdraw consent

European lawmakers guarantee data subjects the right to withdraw consent to the processing of their personal data at any time.

Data subjects who would like to exercise this right can contact our data protection officer or one of the data controller’s staff at any time.

Right to lodge a complaint with supervisory authority

Data subjects whose data is processed by Experience One AG are entitled to lodge a complaint against the data controller. This applies in particular if you believe that Experience One AG has processed your data in breach of data protection regulations or you have not received a prompt response to an enquiry, or the response contained incorrect information. An overview of supervisory authorities for non-public sectors (e.g. businesses) can be found at

https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

Experience One AG is overseen by the supervisory authority of Baden-Württemberg (where the data controller is based). However, you may contact any supervisory authority (e.g. that for the place where you are resident).

Personal data held about a data subject is stored only for the period necessary for the processing purpose, or for a legally required retention period. When the processing purpose no longer applies and/or legal retention periods have expired, personal data is routinely blocked or deleted in accordance with legal requirements.

• With regard to the tracking of visitors to the Experience One AG website, the period is generally a maximum of six months.
  
• For applications that do not lead to employment or inclusion in the talent pool, a period of six months also applies.
  
• Inquiries via the contact form will be deleted after six months at the earliest, provided that the processing of the inquiry has been completed.
• All other deadlines are based on tax and commercial law requirements.

Our data protection officer can provide you with information about the specific ways in which your data is processed.

It may be legally required for certain data to be processed (e.g. tax regulations) or for processing to be done due to the terms of a contract (e.g. providing information to the contractual partner). The same applies when concluding a contract (e.g. employment contract). Failure to provide data here would result in us being unable to conclude the contract with you. Our data protection officer will be happy to advise you as a data subject on a case by case basis.

As a responsible company we do not make use of automated decision-making processes or profiling.

In addition to the information provided for contacting us by e-mail and telephone, our website also contains a contact form. This also fulfills the legal requirements of a quick electronic contact, as the data is sent to a general e-mail address and thus flows into a self-hosted ticket system.

If you contact us by e-mail or via a contact form, the personal data you provide will be stored. Data collected in this way is stored for the purpose of processing or contacting you. This data will not be passed on to third parties. If further contacts result from the contact, e.g. to arrange an appointment, the data will be forwarded to the relevant employees and processed. The legal basis for the processing is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the processing of your request and thus clarification of your request.

We collect and process personal data from applicants for the purpose of carrying out the application procedure. Processing is performed electronically. This is particularly the case if you send us your application documents via electronic means such as via email or via the web form. The legal basis for the processing of applicant data is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the proper implementation of the application process. Insofar as special categories of personal data within the meaning of Art. 9 (1) GDPR are voluntarily provided within the scope of the application procedure, their processing is additionally carried out in accordance with Art. 9 (2) (b) GDPR (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 (1) GDPR are requested from applicants as part of the application process, their processing is additionally carried out in accordance with Art. 9 (2) a) GDPR (e.g. health data, if this is necessary for the exercise of the profession).

Based on a separate agreement, the data is processed on behalf of Experience One AG by the company Kenjo GmbH, Urbanstraße 71, 10967 Berlin. The data transfer to Kenjo is encrypted (Transport Layer Security, TLS). For more information on data protection at Kenjo, please visit: https://www.kenjo.io/legal/datenschutz

When an employment contract is made with an applicant, the transferred data will be stored for the purposes of arranging the employment relationship in accordance with legal regulations. When an employment contract is not offered to the applicant, the application documents will be stored for a period of at least two months and no longer than 6 months. After this period, they will be automatically deleted unless any reasons not to do so exist.

If you are accepted into a talent pool, then we require your consent to do so. Your data will not be deleted if you agree to be entered into the talent pool.

We can also remove you from the Talent Pool if you wish.

Experience One AG has integrated the Google Analytics component (with an anonymisation feature) into this website for the purposes of web analytics. A web analytics service collects various data including the Internet site from which a data subject used to access another site (known as the “referrer”), which of our sub-pages were accessed and how often and for how long. This information can be used to optimise the Internet site. We use the suffix “_gat._anonymizeIp” for our web analytics. This suffix means that the IP address will be shortened and anonymised.

Google Analytics is operated by Google LLC., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. (European representation: Gordon House, Barrow Street, Dublin 4, Ireland).

Google uses the data it collects for a variety of purposes. These include evaluating how our website is used in order to generate online reports for us and in order to provide further services associated with the use of our Internet site.

Google Analytics cookies are stored on your computer for this purpose. This cookie enables Google to analyse the use of our Internet site. By doing so, Google receive personal data such as your IP address. Data is therefore sent to Google in the United States of America every time you visit our website. Google may pass on this data to third parties.

The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a) GDPR. You have the right to revoke your consent at any time, see Art. 7 (3) p. 1 GDPR. This can be done informally and without giving reasons and is effective for the future. The revocation of consent does not affect the lawfulness of the processing carried out until the revocation. Further information on this can be found above in our privacy policy under "Rights of the data subject".

Processing by Google is based on appropriate safeguards. This means that a processing agreement has been concluded with Google. This is based on the standard contractual clauses issued by the European Commission.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In addition, the data will be deleted if you assert your right to deletion within the meaning of Art. 17 (1) GDPR. The maximum storage period is 14 months.

You can prevent cookies from being set, as described, at any time using the relevant settings in your browser. Furthermore, any cookies that have already been set by Google Analytics can be deleted via your web browser or other software programmes at any time. You also have the option to install a browser add-on (https://tools.google.com/dlpage/gaoptout). This is installed on your computer and prevents web analytics. The add-on uses JavaScript.

Further information and Google’s current data privacy policy can be found at https://www.google.de/intl/de/policies/privacy and http://www.google.com/analytics/terms/de.html. Google Analytics is described in more detail at the following link: https://www.google.com/intl/de_de/analytics.

Experience One AG has integrated the Google Maps component into this website in order to display an interactive map.

Google Maps is operated by Google LLC., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. (European representation: Gordon House, Barrow Street, Dublin 4, Ireland).

By using this service, Google receives personal data, such as your IP address. Data is therefore sent to Google in the United States of America every time you visit our website. Google may pass on this data to third parties.

The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a) GDPR.

Processing by Google is based on appropriate safeguards. This means that a processing agreement has been concluded with Google. This is based on the standard contractual clauses issued by the European Commission.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In addition, the data will be deleted if you assert your right to deletion within the meaning of Art. 17 (1) GDPR.

You can prevent cookies from being set, as described, at any time using the relevant settings in your browser. Furthermore, any cookies that have already been set by Google Analytics can be deleted via your web browser or other software programmes at any time. You also have the option to install a browser add-on (https://tools.google.com/dlpage/gaoptout ). This is installed on your computer and prevents web analytics. The add-on uses JavaScript.

Further information and Google’s current data privacy policy can be found at https://www.google.de/intl/de/policies/privacy and https://www.google.com/intl/de_de/help/terms_maps.html.

Experience One AG uses videos on its website that are hosted by the Vimeo portal. The purpose of this is to ensure content is transported more effectively and is made easier to understand, while also improving website performance by not hosting videos locally.

Vimeo is operated by Vimeo LLC at 555 West 18th Street, New York, New York 10011, USA.

A data processing contract has been made with Vimeo to ensure an appropriate level of data privacy. The contract is based upon the standard data privacy clauses set down by the EU.

When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. This tells the Vimeo server which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA. If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.

The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a) GDPR. You have the right to revoke your consent at any time, cf. Art. 7 (3) p. 1 GDPR.

Processing by Vimeo is based on appropriate safeguards. This means that a processing agreement has been concluded with Vimeo. This is based on the standard contractual clauses issued by the European Commission.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In addition, the data will be deleted if you assert your right to deletion within the meaning of Art. 17 (1) GDPR.

For more information on the handling of user data, please see Vimeo's privacy policy at: https://vimeo.com/privacy.

The component Podigee is integrated on this website by Experience One AG to play and host podcasts. The podcasts are downloaded or streamed from Podigee.

Provider of Podigee is Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany.

Using Podigee enables the provider to gain knowledge about personal data like the IP addresses and device information to enable podcast downloads / playbacks and statistical data such as to determine the number of downloads. This data is anonymized by Podigee before they are stored in the database, unless they are required for the provision of the podcasts.

The use is based on our legitimate interests, i.e. interest in a secure and efficient provision, analysis and optimization of our podcast offer in accordance with Art. 6 (1) letter (f) GDPR. Furthermore, the data is processes based on separate agreement on behalf of Experience One AG.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In addition, the data will be deleted if you assert your right to deletion within the meaning of Art. 17 (1) GDPR.

Further information and options to object can be found in Podigee’s data protection declaration: https://www.podigee.com/en/abo....

We use Google Tag Manager on our website to manage website tags.

The operator is Google LLC., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.
(European representation: Gordon House, Barrow Street, Dublin 4, Ireland).

Tag Manager is a cookie-free application and does not collect any personal data. However, the Tag Manager can trigger the setting of additional tags, which may collect data. Google Tag Manager does not access this data.

If you have opted out of Google Cookies, this also applies to all tracking tags that are implemented in Google Tag Manager.

The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a) GDPR. You have the right to revoke your consent at any time, cf. Art. 7 (3) p. 1 GDPR.

Processing by Google is based on appropriate safeguards. This means that a processing agreement has been concluded with Google. This is based on the standard contractual clauses issued by the European Commission.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In addition, the data will be deleted if you assert your right to deletion within the meaning of Art. 17 (1) GDPR.

Further information and the applicable Google privacy policy can be found at https://www.google.de/intl/de/policies/privacy/ and https://www.google.de/intl/de/policies/privacy/ as well as https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.

We use HubSpot as a CRM & marketing tool for processing and storing contact data, follow up on leads, planning of marketing and advertising measurements. Among others this includes e-mail-marketing (newsletter, mailings) social media publishing & reporting, reporting (e.g. source of traffic, visits etc.), contact management, (e.g. user segmentation & CRM), landing pages and contact forms.

The provider is HubSpot, Inc., 25 First Street, 2nd Floor,Cambridge, MA 02141 (USA).

If you use the contact form on our website, the request will be forwarded to us and the data will then be saved in the CRM tool. Furthermore, contact data from fairs, events or other relevant partners will be stored in the tool.

The legal basis for processing your personal data is Art. 6 (1) a) and f) GDPR. Our legitimate interest in the use of this service is the optimization of our customer service and the management of our contact data.

In cases of processing based on Art. 6 (1) a) GDPR, you have the right to revoke your granted consent at any time, cf. Art. 7 (3) p. 1 GDPR.

In cases of processing based on Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data at any time in accordance with Art. 21 (1) GDPR. If you exercise your right, processing for this purpose will no longer take place. Further information on this can be found above in our privacy policy under "Rights of the data subject".

Processing by Hubspot is based on appropriate safeguards. This means that a processing agreement has been concluded with Hubspot. This is based on the standard contractual clauses issued by the European Commission.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In addition, the data will be deleted if you assert your right to deletion within the meaning of Art. 17 (1) GDPR.

For more information on how HubSpot handles user data, please see HubSpot's privacy policy at https://legal.hubspot.com/product-privacy-policy and https://www.hubspot.de/data-privacy/gdpr.

We use the reCAPTCHA function to ensure the security of inquiries and avoid spam through our web forms.

Provider is Google LLC., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA (European representation: Gordon House, Barrow Street, Dublin 4, Ireland).

This function primarily serves to differentiate between manual entry of a person and automated entry by a machine (bot). The user's IP is transmitted to Google and, if necessary, further data. As part of this, personal data can also be transmitted to the servers of Google LLC in the US.

The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a) GDPR. You have the right to revoke your consent at any time, cf. Art. 7 (3) p. 1 GDPR.

Processing by Google is based on appropriate safeguards. This means that a processing agreement has been concluded with Google. This is based on the standard contractual clauses issued by the European Commission.

The data is automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.

Further information and the applicable data protection provisions of Google can be found at https://www.google.de/intl/de/policies/privacy/ .

We use the LinkedIn Insight Tag for conversion tracking on our website. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. LinkedIn Ireland is a subsidiary of LinkedIn Corp (USA).

LinkedIn uses the data obtained to evaluate the use of our website, to compile online reports for us and to provide other services related to the use of our website.

For this purpose, cookies are placed on your computer by LinkedIn. By setting the cookie, LinkedIn is able to analyze the use of our website. As part of this, LinkedIn gains knowledge of personal data, such as the IP address. Every time you visit our website, data is transmitted to LinkedIn in the United States of America. LinkedIn may share this data with third parties or use the data for behavioral advertising. However, the data is encrypted and anonymized.

The legal basis for the processing of your personal data is 6 para. 1 lit. a) GDPR. You have the right to revoke your consent at any time, cf. Art. 7 para. 3 p. 1 GDPR.

Processing by LinkedIn is based on appropriate safeguards. This means that a processing agreement has been concluded with LinkedIn. This is based on the standard contractual clauses issued by the European Commission.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In addition, the data will be deleted if you assert your right to deletion within the meaning of Art. 17 (1) GDPR.

As shown, you can prevent the setting of cookies at any time by setting your browser accordingly. In addition, a cookie already set by LinkedIn can be deleted via the internet browser or other software programs. An opt-out of tracking is also possible at any time, provided you call up the following page: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out?trk=microsites-frontend_legal_cookie-policy

Further information and the applicable data protection regulations of LinkedIn can be found at https://www.linkedin.com/legal/privacy-policy.

For sending email campaigns we use the service MailerLite, of UAB "MailerLite", J. Basanavičiaus 15, LT-03108 Vilnius, Lithuania. When you register for EO events, we process personal data from you in the form of IP address, email address, date and time, action type, metadata, object and profile reference. The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a) GDPR.

The recipient of your personal data is MailerLite UAB, J. Basanavičiaus 15, LT-03108 Vilnius, Lithuania. The data from MailerLite is then forwarded to the provider of our contact form. There is no transfer of your personal data to a third country. However, we are aware of our responsibility and regularly review the framework and legal changes. In the event of a transfer to a third country taking place, we will adapt this information as quickly as possible.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In addition, the data will be deleted if you assert your right to deletion within the meaning of Art. 17 (1) GDPR.

You have the right to revoke your consent at any time, cf. Art. 7 para. 3 p. 1 GDPR.

Further information on the processing of your personal data can be found here: https://www.mailerlite.com/leg...

In order to draw attention to our current projects and developments, planned activities and services, we place Google AdWords ads and use Google conversion tracking as part of this. Google AdWords (Google Ads) is a service of Google LLC. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). These ads are displayed after search queries on websites of the Google advertising network. We have the option to combine our ads with specific search terms. In addition, we use AdWords remarketing lists for search ads. This allows us to customize search ad campaigns for users who have visited our website before. Through the services, we have the opportunity to combine our ads with certain search terms or to display ads for previous visitors in which, for example, services are advertised that the visitors have viewed on our website. For interest-based offers, an analysis of online user behavior is necessary. Google uses cookies to perform this analysis. When clicking on an advertisement or visiting our website, a cookie is set on the user's computer by Google. This information is used to target the visitor in a subsequent search query. Further information on the cookie technology used can also be found in Google's notes on website statistics and in the privacy policy. With the help of this technology, Google and we as a customer receive information about the fact that a user has clicked on an advertisement and has been redirected to our web pages in order to contact us via the contact form. Likewise, Google and we as a customer receive information with the help of Google forwarding numbers that a user has clicked on a telephone number of ours on the Internet and contacted us by telephone. The information obtained in this way is used exclusively for a statistical evaluation to optimize advertisements. We do not receive any information with which visitors can be personally identified. The statistics provided to us by Google include the total number of users who clicked on one of our ads and, if applicable, whether this user was redirected to a page of our website marked with a conversion tag. Based on these statistics, we can track which search terms were clicked on our ad particularly often and which ads lead to the user contacting us via the contact form or by telephone. With regard to telephone contact by prospects or customers, the statistics provided by Google include the start time, the end, the status (missed or received), the duration (seconds), the area code of the caller, the telephone costs and the call type.

The legal basis of the processing of your personal data is consent pursuant to Art. 6 (1) a) GDPR.

The recipient of your personal data is Google LLC. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The data controller responsible for processing your information depends on your habitual residence, unless otherwise stated in the privacy notices of a particular service:

• Google Ireland Limited for users of Google services who are habitually resident in the European Economic Area or Switzerland.
• Google LLC for users of Google services who have their habitual residence in the United Kingdom.

The personal data is transferred to the USA (server location). The transfer is subject to appropriate safeguards pursuant to Art. 46 GDPR. For this purpose, we have concluded standard contractual clauses pursuant to Art. 46(2)(c) GDPR with the data importer. In addition, we are aware of our responsibility and, where necessary, take further measures to protect the rights and freedoms of natural persons to ensure the protection of personal data.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In addition, the data will be deleted if you assert your right to deletion within the meaning of Art. 17 (1) GDPR.

You have the right to revoke your consent at any time, cf. Art. 7 para. 3 p. 1 GDPR.

Further information on the processing of your personal data can be found here: https://www.google.com/policies/privacy/.

This website uses the cookie consent technology of Cookiebot to obtain your consent to store certain cookies on your terminal device and to document and record this consent in accordance with data protection law. As soon as you enter this website, the following personal data is transferred to Cookiebot:

• Your consent(s) or revocation of your consent(s).
• Your IP address
• Information about your browser (http agent, http referrer),
• Information about your terminal device
• Time of your visit to the website

The following additional data is added:

• Opt-in and opt-out data
• Referrer URL
• user agent
• User settings
• Consent ID and consent number
• Information on whether implicit or explicit consent was given
• Time (date and time) of consent
• Consent type
• Template version
• Banner language

Furthermore, Cookiebot stores a cookie in your browser in order to be able to assign the consent given or its revocation to you. The data collected in this way will be stored until you request us to delete it, delete the Cookiebot cookie yourself, or until the purpose for storing the data no longer applies. This does not affect mandatory statutory retention obligations.

In order to obtain the legally required consent for the use of cookies, Cookiebot is used. The legal basis for the processing of your personal data is Art. 6 para. 1 lit. c) GDPR.

The recipient of your personal data is Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark.

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In addition, the data will be deleted if you exercise your right to erasure as defined in Article 17 (1) GDPR.

Furthermore, those personal data must be provided that we are legally obliged to collect (or) the provision of this data is necessary for the fulfillment of a legal obligation. The legal obligation is thereby determined by Union law or the law of the Member States to which the controller is subject. The legal obligation arises in the present case from: Section 25 (1) TTDSG in conjunction with Article 7 GDPR. Failure to provide the data would mean that this legal obligation cannot be fulfilled.

Further information on the processing of your personal data can be found here: https://www.cookiebot.com/de/privacy-policy/.