Skip to content

PRIVACY POLICY

We have drafted this privacy policy (version 05/28/2021-121746308) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws. In short, we provide you with comprehensive information about the data we process about you.

In short: We provide you with comprehensive information about the data we process about you.

Introduction and overview

Privacy policies usually sound very technical and use legal terminology. This privacy policy, however, aims to describe the most important aspects as simply and transparently as possible. Where it enhances clarity, technical terms are explained in a reader-friendly manner, links to further information are provided, and graphics may be used.

We inform you in clear and straightforward language that, in the course of our business activities, we only process personal data where a corresponding legal basis exists. This would not be possible if we provided brief, unclear, and overly legal-technical explanations, as is often standard practice on the internet when it comes to data protection.

We hope you find the following explanations interesting and informative and that you may discover some information that was previously unknown to you.

If you still have questions, we kindly ask you to contact the responsible party listed below or in the legal notice (Imprint), follow the provided links, and review further information on third-party websites. Our contact details can of course also be found in the Imprint.

Scope of Application

This privacy policy applies to all personal data processed by us within the company and to all personal data processed on our behalf by contracted companies (data processors).

By personal data, we mean information such as a person’s name, email address, and postal address. The processing of personal data enables us to offer and invoice our services and products, whether online or offline.

This privacy policy applies to:

  • all online presences (websites, online shops) operated by us
  • social media presences and email communication
  • mobile apps for smartphones and other devices

In short: this privacy policy applies to all areas in which personal data is processed in a structured manner within the company.

Legal Bases

In the following privacy policy, we provide transparent information about the legal principles and regulations, i.e., the legal bases of the General Data Protection Regulation (GDPR), which enable us to process personal data.

With regard to EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can of course read this EU General Data Protection Regulation online on EUR-Lex at:
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:32016R0679

We process your data only if at least one of the following conditions applies:

Consent (Article 6(1)(a) GDPR)
You have given us your consent to process data for a specific purpose. An example would be storing the data you entered into a contact form.

Contract (Article 6(1)(b) GDPR)
In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we require personal information in advance.

Legal obligation (Article 6(1)(c) GDPR)
If we are subject to a legal obligation, we process your data. For example, we are legally required to retain invoices for accounting purposes. These usually contain personal data.

Legitimate interests (Article 6(1)(f) GDPR)
In cases of legitimate interests that do not override your fundamental rights, we reserve the right to process personal data. For example, we must process certain data in order to operate our website securely and efficiently. This processing therefore constitutes a legitimate interest.

Other legal bases, such as processing in the public interest or the exercise of official authority, as well as the protection of vital interests, generally do not apply to us. Should such a legal basis become relevant, it will be indicated at the appropriate point.

In addition to the EU Regulation, national laws also apply:

  • In Austria, this is the Federal Act concerning the Protection of Personal Data (Datenschutzgesetz – DSG).
  • In Germany, the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG) applies.

If further regional or national laws apply, we will inform you in the following sections.

Contact Details of the Controller

If you have any questions about data protection, you will find the contact details of the responsible person or entity below:

EC Certification Service GmbH
Sandgasse 39a
9300 Sankt Veit an der Glan
Austria

Email: michael.steiner@ec-c.at

Authorized representative: Dr. Michael Steiner

Phone: +43 4212 3600951
Imprint: www.xpertligner.com/impressum

Contact Details of the Data Protection Officer

Dr. Michael Steiner
Email: michael.steiner@ec-c.at
Phone: +43 4212 3600951

Data Retention

As a general principle, we store personal data only for as long as is absolutely necessary to provide our services and products. If legally required (e.g., for accounting purposes), this retention period may be extended.

This means that we delete personal data as soon as the reason for processing no longer applies. If you request deletion of your data or withdraw your consent to data processing, the data will be deleted as quickly as possible, provided there is no legal obligation to retain it.

We provide information about the specific duration of data processing further below, where additional details are available.

Your Rights under the GDPR

According to Article 13 GDPR, you have the following rights to ensure fair and transparent data processing:

  • Right of access (Article 15 GDPR): You have the right to know whether we process your data. If so, you have the right to receive a copy of the data and information about:
    • the purpose of processing
    • the categories of data processed
    • recipients of the data and safeguards for transfers to third countries
    • the storage period
    • your rights to rectification, erasure, restriction, or objection
    • your right to lodge a complaint with a supervisory authority
    • the origin of the data (if not collected from you)
    • whether profiling takes place
  • Right to rectification (Article 16 GDPR)
  • Right to erasure (“right to be forgotten”) (Article 17 GDPR)
  • Right to restriction of processing (Article 18 GDPR)
  • Right to data portability (Article 20 GDPR)
  • Right to object (Article 21 GDPR)

If processing is based on Article 6(1)(e) or (f) GDPR, you may object at any time. We will then assess whether we can legally comply with your objection.

If your data is used for direct marketing, you may object at any time. We will then no longer use your data for direct marketing purposes.

If your data is used for profiling, you may object at any time. We will then no longer use your data for profiling.

Under certain circumstances, you have the right under Article 22 GDPR not to be subject to a decision based solely on automated processing.

If you believe that the processing of your data violates data protection law, you may lodge a complaint with a supervisory authority. In Austria, this is the Austrian Data Protection Authority (www.dsb.gv.at). In Germany, you may contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).

In short: You have rights — please do not hesitate to contact the responsible party listed above.

Security of Data Processing

To protect personal data, we have implemented both technical and organizational measures. Wherever possible, we encrypt or pseudonymize personal data. In doing so, we make it as difficult as possible for third parties to derive personal information from our data.

Article 25 GDPR refers to “data protection by design and by default,” meaning that security must always be considered in both software (e.g., forms) and hardware (e.g., server room access). Where necessary, we describe specific measures below.

TLS Encryption with HTTPS

We use HTTPS (Hypertext Transfer Protocol Secure) to transmit data securely over the internet.

By using TLS (Transport Layer Security), an encryption protocol for secure data transmission, we ensure the protection of confidential data. You can recognize this secure transmission by the small lock symbol in your browser and the use of “https” instead of “http” in our web address.

Communication

If you contact us by telephone, email, or online form, personal data may be processed.

The data is stored for the duration of the business transaction and in accordance with legal requirements.

Telephone

When you call us, call data may be stored in pseudonymized form on the respective device and by the telecommunications provider. Data such as name and phone number may subsequently be stored for processing your request. The data is deleted once the matter is resolved and legal requirements permit.

Email

If you communicate with us by email, data may be stored on your device and on the email server. The data is deleted once the matter is resolved and legal requirements permit.

Online Forms

If you contact us via online form, data is stored on our web server. The data is deleted once the matter is resolved and legal requirements permit.

Legal Bases for Communication Processing

Data processing is based on:

  • Article 6(1)(a) GDPR (Consent)
  • Article 6(1)(b) GDPR (Contract)
  • Article 6(1)(f) GDPR (Legitimate interests)

Our legitimate interest lies in handling customer inquiries and business communication in a professional and efficient manner. Certain technical systems (e.g., email programs, servers, telecommunications providers) are necessary to ensure efficient communication.

Web Hosting

What is Web Hosting?

When you visit websites nowadays, certain information — including personal data — is automatically created and stored, including on this website. Such data should be processed as sparingly as possible and only where justified.

By “website,” we mean the entirety of all web pages under a domain, from the homepage to the very last subpage (such as this one). By “domain,” we mean, for example, example.com or sampledomain.org.

To view a website on your screen, you use a program called a web browser. You are probably familiar with some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari.

This web browser must connect to another computer where the website’s code is stored — the web server. Operating a web server is a complex and resource-intensive task, which is why it is usually handled by professional service providers. These providers offer web hosting services and ensure reliable and error-free storage of website data.

When your browser connects to the web server (from a desktop, laptop, smartphone, etc.) and during data transmission to and from the server, personal data may be processed. On the one hand, your device stores data; on the other hand, the web server must also temporarily store certain data to ensure proper operation.

Why Do We Process Personal Data?

The purposes of data processing are:

  • Professional hosting of the website and ensuring operational security
  • Maintaining system stability and security
  • Generating access statistics

What Data Is Processed?

While you are visiting our website, our web server (the computer on which this website is stored) typically stores data automatically such as:

  • The complete internet address (URL) of the accessed webpage
    (e.g., https://www.examplewebsite.com/subpage.html?tid=123456789)
  • Browser type and browser version (e.g., Chrome 87)
  • The operating system used (e.g., Windows 10)
  • The address (URL) of the previously visited page (referrer URL)
  • The hostname and IP address of the device from which access is made
    (e.g., DEVICE-NAME and 194.23.43.121)
  • Date and time of access
  • Data stored in so-called web server log files

How Long Is the Data Stored?

As a general rule, the above-mentioned data is stored for two weeks and then automatically deleted. We do not share this data with third parties. However, we cannot exclude the possibility that authorities may access this data in the event of unlawful behavior.

In short: Your visit is logged by our hosting provider (the company that operates our website on dedicated servers), but we do not share your data without your consent.

Legal Basis

The legal basis for processing personal data in the context of web hosting is Article 6(1)(f) GDPR (legitimate interests). The use of professional hosting services is necessary to present our company securely and efficiently on the internet and to ensure stability and security of the website.

Cookies

What Are Cookies?

Our website uses HTTP cookies to store user-specific data.

Below, we explain what cookies are and why they are used, so that you can better understand this privacy policy.

Whenever you browse the internet, you use a browser. Common browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: cookies are very useful little tools. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other types of cookies for different purposes.

HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder — essentially the “memory” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language preferences or personal page settings. When you revisit our website, your browser sends the “user-related” information back to our site. Thanks to cookies, our website recognizes you and provides the settings you are accustomed to.

In some browsers, each cookie has its own file, while in others (such as Firefox), all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our website. Third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies — from a few minutes to several years. Cookies are not software programs and do not contain viruses, Trojans, or other malicious software. Cookies also cannot access information on your computer.

For example, cookie data may look like this:

  • Name: _ga
  • Value: GA1.2.1326744211.152121746308-9
  • Purpose: Distinguishing website visitors
  • Expiration date: After 2 years

A browser should support at least the following minimum sizes:

  • At least 4,096 bytes per cookie
  • At least 50 cookies per domain
  • At least 3,000 cookies in total

What Types of Cookies Are There?

The specific cookies we use depend on the services implemented and are explained in the following sections of this privacy policy. At this point, we would like to briefly explain the different types of HTTP cookies.

Four types of cookies can be distinguished:

Essential Cookies

These cookies are necessary to ensure basic functions of the website. For example, these cookies are required when a user places a product in the shopping cart, continues browsing other pages, and later proceeds to checkout. These cookies ensure that the shopping cart is not deleted, even if the user closes the browser window.

Functional Cookies

These cookies collect information about user behavior and whether the user receives error messages. These cookies also measure loading times and website behavior across different browsers.

Targeting Cookies

These cookies improve user experience. For example, entered locations, font sizes, or form data may be stored.

Advertising Cookies

These cookies are also known as targeting cookies. They are used to deliver individually tailored advertising to users. This can be very practical, but also potentially annoying.

When you first visit a website, you are usually asked which types of cookies you would like to allow. This decision is also stored in a cookie.

If you would like to learn more about cookies and do not mind technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the “HTTP State Management Mechanism” published by the Internet Engineering Task Force (IETF).

Purpose of Processing Through Cookies

The purpose ultimately depends on the respective cookie. More details can be found below or from the software provider that sets the cookie.

What Data Is Processed?

Cookies are small tools used for many different tasks. Unfortunately, it is not possible to generalize what data is stored in cookies. However, we will inform you about the processed and stored data within the framework of this privacy policy.

Storage Duration of Cookies

The storage duration depends on the respective cookie and is specified further below. Some cookies are deleted after less than one hour, while others may remain stored on a computer for several years.

You also have influence over the storage duration. You can manually delete all cookies at any time via your browser (see “Right to Object” below). Furthermore, cookies based on consent will be deleted at the latest after you withdraw your consent, without affecting the lawfulness of the storage prior to withdrawal.

Right to Object – How Can I Delete Cookies?

You decide whether and how you want to use cookies. Regardless of which service or website the cookies originate from, you always have the option to delete, disable, or only partially allow cookies. For example, you can block third-party cookies but allow all other cookies.

If you would like to find out which cookies are stored in your browser, or if you want to change or delete cookie settings, you can do so in your browser settings:

  • Chrome: Delete, enable, and manage cookies in Chrome
  • Safari: Manage cookies and website data in Safari
  • Firefox: Delete cookies to remove data that websites have stored on your computer
  • Internet Explorer: Delete and manage cookies
  • Microsoft Edge: Delete and manage cookies

If you generally do not want cookies, you can configure your browser to always inform you when a cookie is about to be set. This allows you to decide individually whether to accept each cookie. The procedure varies depending on your browser. The best way is to search for instructions in Google using terms such as “delete cookies Chrome” or “disable cookies Chrome.”

Legal Basis

The so-called “Cookie Directive” has been in place since 2009. It states that storing cookies requires your consent (Article 6(1)(a) GDPR). Within EU countries, however, there are still differing national implementations of these rules.

For strictly necessary cookies, even if consent has not been obtained, processing is based on legitimate interests (Article 6(1)(f) GDPR), which in most cases are of an economic nature. We aim to provide visitors to our website with a pleasant user experience, and certain cookies are often absolutely necessary for this purpose.

Where non-essential cookies are used, this is done only on the basis of your consent.

In the following sections, you will be informed in more detail about the use of cookies, provided that the software used sets cookies.

Web Analytics

What Is Web Analytics?

We use software on our website to analyze the behavior of website visitors, commonly referred to as web analytics. Data is collected and stored, managed, and processed by the respective analytics provider (also called a tracking tool).

With the help of this data, analyses of user behavior on our website are created and made available to us as the website operator. In addition, most tools offer various testing options. For example, we can test which offers or content are most appealing to our visitors. For this purpose, we may display two different versions of an offer for a limited period (so-called A/B testing). After the test, we can determine which product or content is more interesting to our website visitors.

For such testing procedures, as well as for other analytics processes, user profiles may be created and data may be stored in cookies.

Why Do We Use Web Analytics?

Our website has a clear objective: we aim to provide the best web offering in our industry. To achieve this goal, we want to offer the best and most relevant content while ensuring that you feel comfortable on our website.

With the help of web analytics tools, we can closely analyze the behavior of our website visitors and improve our web offering accordingly. For example, we can determine:

  • The average age of our visitors
  • Where our visitors come from
  • When our website is most frequently visited
  • Which content or products are particularly popular

This information enables us to optimize our website and adapt it to your needs, interests, and preferences.

What Data Is Processed?

The specific data stored depends on the analytics tools used. Typically, the following information may be stored:

  • Content viewed on our website
  • Clicked buttons or links
  • Time of page access
  • Browser type
  • Device used (PC, tablet, smartphone)
  • Operating system
  • Location data (if consent has been given)

Your IP address is also processed. Under the GDPR, IP addresses are considered personal data. However, your IP address is generally stored in pseudonymized form (i.e., shortened and not directly identifiable).

For testing, web analytics, and website optimization purposes, no direct personal data such as your name, age, address, or email address is stored. If such data is collected, it is stored in pseudonymized form so that you cannot be personally identified.

Data retention depends on the respective provider. Some cookies store data only for a few minutes, while others may store data for several years.

Duration of Data Processing

We process personal data only as long as necessary to provide our services and products. Where legally required (e.g., accounting obligations), data may be stored beyond this period.

Right to Object

You have the right to withdraw your consent to the use of cookies or third-party providers at any time. This can be done via our cookie management tool or other opt-out mechanisms. You can also prevent data collection by managing, disabling, or deleting cookies in your browser.

Legal Basis

The use of web analytics requires your consent, which we obtain via our cookie banner. According to Article 6(1)(a) GDPR (consent), this consent constitutes the legal basis for processing personal data through web analytics tools.

In addition, we have a legitimate interest (Article 6(1)(f) GDPR) in analyzing website behavior to improve our technical performance, security, and economic efficiency.

Where analytics tools use cookies, we recommend reading our general Cookie Policy for further details.

Google Analytics Privacy Policy

What Is Google Analytics?

We use the analytics tracking tool Google Analytics provided by the American company Google LLC. For users within the European Economic Area, the responsible entity is Google Ireland Limited.

Google Analytics collects data about your actions on our website. For example, when you click a link, this action is stored in a cookie and transmitted to Google Analytics.

Google Analytics is a tracking tool used to analyze website traffic. A tracking code is integrated into our website. When you visit our website, this code records various interactions. Once you leave our website, this data is transmitted to Google Analytics servers and stored there.

Google processes the data and provides us with reports about user behavior, including:

  • Audience reports
  • Advertising reports
  • Acquisition reports
  • Behavior reports
  • Conversion reports
  • Real-time reports

Why Do We Use Google Analytics?

Our goal is to provide the best possible service. The statistical data provided by Google Analytics helps us:

  • Identify strengths and weaknesses of our website
  • Optimize our website for search engines
  • Improve marketing efficiency
  • Personalize advertising

What Data Is Stored?

Google Analytics creates a unique ID linked to your browser cookie. This allows Google to recognize returning users and generate pseudonymous user profiles.

Data collected may include:

  • IP address (in shortened form)
  • Country and approximate location
  • Device information
  • Browser type
  • Internet provider
  • Screen resolution
  • Referrer source
  • Duration of visit
  • Click behavior
  • Account creation or purchases
  • Media interactions
  • Social media shares

Google Analytics may also use the following cookies (examples):

  • _ga (2 years)
  • _gid (24 hours)
  • _gat or dc_gtm (1 minute)
  • AMP_TOKEN
  • __utma, __utmb, __utmc, __utmz, __utmv

Please note that this list may not be exhaustive, as Google may change its cookie usage.

Data Storage and Retention

Google operates servers worldwide, primarily in the United States.

Data retention depends on the property used:

For Google Analytics 4 (GA4):

  • User data retention is set to 14 months by default
  • Event data retention can be set to 2 or 14 months

For Universal Analytics:

  • Default retention is 26 months
  • Options include 14, 26, 38, or 50 months, or no automatic deletion

Aggregated data is stored independently of user-level data.

How Can You Prevent Data Collection?

You can prevent Google Analytics from collecting your data by installing the browser add-on available at:

https://tools.google.com/dlpage/gaoptout

This add-on prevents Google Analytics JavaScript from collecting data.

You may also manage or disable cookies via your browser settings.

Please note that data may be transferred to and processed in the United States. Transfers to third countries are subject to appropriate safeguards such as EU Standard Contractual Clauses.

Legal Basis

Processing is based on:

  • Article 6(1)(a) GDPR (consent)
  • Article 6(1)(f) GDPR (legitimate interest in optimization and security)

Further information:
https://www.google.com/analytics/terms/
https://support.google.com/analytics/answer/6004245

Facebook Pixel Privacy Policy

We use the Facebook Pixel provided by Meta Platforms, Inc. on our website.

The Facebook Pixel is a JavaScript code snippet that tracks user actions if you access our website via Facebook advertisements.

If you purchase a product on our website, the pixel is triggered and stores your actions in cookies. These cookies allow Facebook to match your user data (such as IP address or user ID) with your Facebook account data.

The data collected is anonymous to us and only used for advertising purposes. If you are logged into Facebook, your visit to our website may be linked to your Facebook account.

We use Facebook Pixel to:

  • Show our services only to relevant audiences
  • Optimize advertising campaigns
  • Analyze advertising effectiveness

Facebook may also use collected data for its own advertising purposes.

Example cookies:

  • _fbp (3 months)
  • fr (3 months)

You can manage your advertising preferences via:
https://www.facebook.com/ads/preferences/

If you are not a Facebook user, you may manage online advertising preferences at:
http://www.youronlinechoices.com/

Please note that, according to the European Court of Justice, there is currently no fully adequate level of data protection in the United States. Data processing is carried out primarily by Facebook. This may result in data being processed and stored in a non-anonymized form. U.S. authorities may potentially gain access to individual data. Data may also be linked with other Facebook services.

Further information:
https://www.facebook.com/policy.php

Marketing

E-Mail Marketing

What Is E-Mail Marketing?

In order to keep you informed at all times, we also use email marketing. If you have consented to receiving our emails or newsletters, your data will be processed and stored.

Email marketing is a subcategory of online marketing. News, updates, or general information about a company, products, or services are sent by email to a specific group of people who have expressed interest.

If you wish to participate in our email marketing (usually via newsletter), you typically only need to register with your email address. For this purpose, you complete and submit an online form. In some cases, we may also ask for your salutation and name in order to address you personally.

Newsletter registration is generally carried out using the so-called double opt-in procedure. After registering for our newsletter on our website, you will receive an email asking you to confirm your subscription. This ensures that the email address belongs to you and that no third party has registered using someone else’s email address.

We, or a notification tool used by us, log every registration. This is necessary to provide proof of a legally compliant registration process. Typically, the following information is stored:

  • Time of registration
  • Time of confirmation
  • IP address
  • Any changes made to stored data

Why Do We Use Email Marketing?

We want to stay in contact with you and always provide you with important news about our company. Email marketing – often referred to simply as a “newsletter” – is an essential part of our online marketing activities.

If you consent or if legally permitted, we will send you newsletters, system emails, or other notifications by email. When we use the term “newsletter,” we mainly refer to regularly sent emails.

We strive to provide only relevant and interesting content. Through our newsletter, you may receive information about:

  • Our company
  • Our services or products
  • Special offers or promotions
  • Updates and new developments

If we commission a service provider to manage our email marketing, this is done in order to provide you with fast and secure newsletter delivery.

The purpose of our email marketing is to inform you about new offers and support our business objectives.

What Data Is Processed?

If you subscribe to our newsletter via our website, you confirm your membership in an email list via email. In addition to your IP address and email address, the following data may also be stored (if provided and consented to):

  • Salutation
  • First and last name
  • Address
  • Telephone number
  • Company
  • Device information
  • Website usage preferences

Information about automatic data storage when visiting our website can be found in the section “Automatic Data Storage.”

Duration of Data Processing

If you unsubscribe from our newsletter, we may store your email address for up to three years based on our legitimate interest in proving your previous consent. We may only process this data if required to defend against potential claims.

If you confirm that you gave consent, you may submit an individual deletion request at any time.

If you permanently object to consent, we reserve the right to store your email address in a suppression list. As long as you voluntarily subscribe, we will of course retain your email address.

Withdrawal – How Can I Cancel My Subscription?

You may withdraw your consent to receive newsletters at any time. This typically requires only a few seconds and one or two clicks. Most newsletters contain an unsubscribe link at the end of each email.

If you cannot find the unsubscribe link, please contact us by email and we will immediately cancel your subscription.

Legal Basis

Newsletter distribution is based on your consent (Article 6(1)(a) GDPR).

If consent is not required, newsletter distribution may be based on our legitimate interest in direct marketing (Article 6(1)(f) GDPR), where legally permitted.

If a service provider is commissioned, this is done on the basis of our legitimate interest.

The registration process is documented in order to demonstrate compliance with legal requirements.

HubSpot Privacy Policy

What Is HubSpot?

We use services provided by HubSpot, Inc., 25 First Street, Cambridge, MA 02141, USA.

HubSpot is an integrated software solution for marketing, sales, and customer service. It includes:

  • Email marketing and newsletter distribution
  • CRM (contact management)
  • Landing pages
  • Analytics tools

HubSpot is a cloud-based Software-as-a-Service (SaaS) solution.

Why Do We Use HubSpot?

We use HubSpot to:

  • Send newsletters
  • Manage form inquiries
  • Analyze marketing campaigns
  • Improve website usability
  • Structure communication with prospects and customers

HubSpot enables us to manage and optimize communication and marketing processes efficiently.

What Data Does HubSpot Process?

If you contact us via our website or subscribe to our newsletter, the following data may be processed:

  • Email address
  • First and last name
  • Telephone number (if provided)
  • Company
  • IP address
  • Location data
  • Usage data (page views, clicks)
  • Date and time of registration

HubSpot also records:

  • Whether a newsletter was opened
  • Which links were clicked
  • Which website pages were visited

This information is used to:

  • Technically deliver newsletters
  • Personalize content
  • Perform statistical analysis
  • Optimize marketing measures

Cookies and Tracking by HubSpot

HubSpot uses cookies (small text files stored on your device). These enable analysis of website usage.

Typical purposes include:

  • Storing session information
  • Recognizing returning visitors
  • Analyzing user behavior
  • Optimizing marketing measures

A current list of HubSpot cookies can be found at:
https://legal.hubspot.com/cookie-policy

Cookies are stored only with your consent (Article 6(1)(a) GDPR), where required.

Data Transfer to Third Countries

HubSpot is a U.S. company. Data may therefore be processed on servers in the United States.

According to HubSpot, appropriate safeguards pursuant to Article 46 GDPR, particularly EU Standard Contractual Clauses, are used.

Further information:
https://legal.hubspot.com/privacy-policy

Legal Basis

Processing is based on:

  • Article 6(1)(a) GDPR (consent – newsletter distribution)
  • Article 6(1)(f) GDPR (legitimate interest – marketing optimization)
  • Article 6(1)(b) GDPR (contractual or pre-contractual measures)

Online Marketing

What Is Online Marketing?

Online marketing refers to all measures carried out online to achieve marketing goals such as increasing brand awareness or concluding business transactions.

Our online marketing measures aim to draw attention to our website. To reach interested individuals, we use tools such as:

  • Online advertising
  • Content marketing
  • Search engine optimization (SEO)

To ensure effective targeting, personal data may be processed and user profiles created (often via cookies).

What Data Is Processed?

Depending on the tool used, data may include:

  • Visited pages
  • Duration of visits
  • Clicked links or buttons
  • Referrer URL
  • IP address (pseudonymized)
  • Browser and device information
  • Access time
  • Location data (if consented)

Directly identifying data (name, address, email) is generally stored only in pseudonymized form.

We receive only aggregated statistical data and no directly identifiable personal data.

Legal Basis

  • Article 6(1)(a) GDPR – consent
  • Article 6(1)(f) GDPR – legitimate interest in optimizing marketing measures

Social Media

What Is Social Media?

In addition to our website, we are active on various social media platforms. User data may be processed in order to address interested individuals via social networks.

Social media elements (e.g., social buttons) may also be integrated into our website.

Why Do We Use Social Media?

Social media platforms enable communication and interaction. Our presence allows us to present our services and products to interested users.

Data collected via social media may be used to:

  • Conduct web analytics
  • Develop targeted marketing strategies
  • Create user profiles
  • Display personalized advertisements

Please note that data may also be processed outside the European Union, particularly in the United States.

What Data Is Processed?

Depending on the provider:

  • Telephone numbers
  • Email addresses
  • Contact form entries
  • Usage data
  • Device information
  • IP address
  • Profile-related data (if logged in)

Data is generally stored on the provider’s servers.

For detailed information, please refer to the respective provider’s privacy policy.

Legal Basis

  • Article 6(1)(a) GDPR – consent
  • Article 6(1)(f) GDPR – legitimate interest in communication

Google Maps Privacy Policy

What Is Google Maps?

We use the mapping service Google Maps provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). The parent company is Google LLC.

Google Maps is an online mapping service that allows precise location searches, route planning, and interactive map display (including satellite and Street View imagery).

Why Do We Use Google Maps?

Google Maps enables us to provide:

  • Clear location information
  • Directions
  • Improved customer service

What Data Is Stored?

Google may process:

  • Search terms
  • IP address
  • Latitude and longitude coordinates
  • Starting address (route planner)

Google sets at least one cookie (NID) in your browser.

Cookie Name: NID
Purpose: Personalization of advertisements and services
Expiration: Approximately 6 months

We cannot guarantee completeness of the listed data.

Storage and Location

Google operates data centers worldwide, primarily in the United States. Data may therefore be stored outside the EU.

Some data is stored for fixed periods; other data may be manually deleted. IP addresses and cookie information may be partially anonymized after 9–18 months.

How Can You Prevent Data Storage?

You may:

  • Adjust Google account settings (“Web & App Activity”)
  • Manually delete stored data
  • Disable or manage cookies in your browser

Please note that data processing may occur outside the EU. Transfers rely on safeguards such as EU Standard Contractual Clauses.

Legal Basis

  • Article 6(1)(a) GDPR – consent
  • Article 6(1)(f) GDPR – legitimate interest in service optimization

Further information:
https://policies.google.com/privacy

All texts are protected by copyright.
Source: Created using the AdSimple Privacy Generator.

 

Website

Website Platform / Content Management System (CMS)

What is HubSpot CMS?

Our website, including the currently active landing page, is operated using the Content Management System (CMS) from HubSpot.

Service provider:
HubSpot, Inc.
25 First Street
Cambridge, MA 02141
USA

HubSpot is a cloud-based marketing and CMS platform. This means that content is not stored on our own servers but is delivered and processed via HubSpot’s servers.

Why do we use HubSpot as our website system?

We use HubSpot to:

  • technically provide our landing pages
  • manage content easily
  • integrate forms
  • evaluate marketing activities
  • optimize user experience

The platform enables a secure, stable, and modern delivery of our online content.

What data is processed?

When visiting our website or landing page, HubSpot may process the following data:

  • IP address
  • Date and time of access
  • Browser type and version
  • Operating system
  • Referrer URL
  • Visited pages
  • Interactions (e.g., clicks, form submissions)
  • Any personal data that you actively provide (e.g., name, email address)

Some of these data are technically necessary to display the website correctly and to ensure security.

If analysis or tracking functions are used, this is done solely based on your consent (via the cookie banner).

Cookies

HubSpot uses cookies for:

  • technically providing the website
  • storing consent
  • analyzing user behavior
  • recognizing returning visitors

Non-essential cookies are only set with your explicit consent.

An up-to-date overview of the cookies used can be found at:
https://legal.hubspot.com/cookie-policy

Data transfer to the USA

HubSpot is a US-based company. Therefore, the processing of personal data may also take place on servers in the USA.

According to HubSpot, suitable safeguards are in place in accordance with Art. 46 GDPR, particularly the EU Standard Contractual Clauses. HubSpot is also certified under the EU-US Data Privacy Framework (if currently applicable – please check if necessary).

Further information:
https://legal.hubspot.com/privacy-policy

Data retention

Personal data is only stored for as long as required for the respective purposes or as long as legal retention obligations exist.

Legal basis

Data processing is carried out on the basis of:

  • Art. 6(1)(f) GDPR (legitimate interest in a secure and efficient website)
  • Art. 6(1)(a) GDPR (consent for tracking and marketing cookies)