The protection of personal data is an important concern for osapiens Holding GmbH (hereinafter referred to as „osapiens“, “us”, “our”or “we”). Your personal data as website user (hereinafter referred to as “you” and “your”) is processed in compliance with the applicable data protection provisions, in particular the General Data Protection Regulation (GDPR).
Pursuant to Art.4 no. 1 GDPR, personal data means any information relating to an identified or identifiable natural person that you provide to us (hereinafter referred to as "data").
Responsible for the processing of your data is:
osapiens Holding GmbH
Phone: +49 621 / 150 206 90
We have appointed a data protection officer:
c/o TÜV SÜD Akademie GmbH
Our data protection officer will be happy to answer any questions you may have on data protection issues. You can reach our data protection officer at
This website is hosted by an external service provider, Webflow, Inc.,398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter referred toas “Webflow” or “Hoster”). The data collected on this website is stored on the server of this hoster. This may especially be IP addresses, contact requests, meta and communication data,contractual data, contact data, names, website accesses and other data generated via a website. Furthermore, Webflow stores cookies or other recognition technologies that are required for the depiction of the website, for the provision of certain website functions and to guarantee its security (necessary cookies).
The Hoster is assigned for the purpose of the contract fulfilment towards our potential and existing customers/website visitors (Art. 6 (1) lit. b) GDPR) and in the interest of a secure, fast, and efficient performance of our website by professional provider (Art. 6 (1) lit. b) GDPR). If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6 (1) lit a) GDPR and Section 25 (1) of the Telecommunications-Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutz-Gesetzes-TTDSG),insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
Our Hoster will only process your data to the extent necessary to fulfil its service obligations and will follow our instructions regarding processing of these data.
To ensure processing of the data in compliance with data protection regulations, we have concluded a data processing agreement with our Host Provider.
The transfer of data to the United States (US) is based on the standard contract clauses of the European Union (EU) Commission. For details, please go to: https://webflow.com/legal/eu-privacy-policy. Furthermore, Webflow is certified in accordance with the “EU-US Data Privacy Framework” (hereinafter referred to as “DPF”). The DPF is an agreement between the EU and the US, which is intended to ensure compliance with EU data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please follow the link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TT9jAAG&status=Active
Each time you access our website, your browser automatically transmits data that is stored in the server’s log files. These are the following data ("log files data"):
We analyse log files data anonymously to continuously improve the website, to adapt the website to the interests of our users and to improve errors more quickly. These purposes are also our legitimate interest in data processing according to Art.6 (1) lit. f) GDPR.
In non-anonymised form, log files data is used exclusively to identify malfunctions and to ensure system security, including the detection and tracking of unauthorized access attempts and fraud. These log files data are stored for 7 days and then deleted. Log files data whose further retention is required for evidence purposes is excluded from deletion until final clarification of the respective incident and may be passed on to investigating authorities in individual cases.
If you send us requests via contact form, we store your contact data for processing of your request as well as for the case of follow-up questions. While using the contact form you must submit first and last name as well as a valid email address in order to allocate a person behind the request and in order to be able to answer it.Additional information like industry, job title, phone number, solution of interest with regards to our services and any additional message can be provided optionally. If you do not wish to provide the data we have requested,we may not be able to provide the information and/or services you request or perform certain tasks for which your data is requested.
The processing of this data is based on Art. 6 (1) lit. b) GDPR, insofar as that your request is related to the performance of a contract or is necessary for the performance of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of the inquiries addressed to us(Art. 6 (1) letter f) GDPR) or on your consent according to Art. 6 (1) lit. a)GDPR, if this has been requested; the consent can be revoked at anytime.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. when the processing of your request is completed). Mandatory Statutory provisions – in particular retention periods – remain unaffected.
If you contact us by email, telephone or fax, your request including all therefrom resulting data will be stored and processed by us for the purpose of treating your request. We do not share this data without your consent.
The processingof these data is based on Art. 6 (1) lit. b) GDPR, as far as your request isrelated to the fulfillment of a contract or is necessary for the performance ofpre-contractual measures. In all other cases, the processing is based on ourlegitimate interest in the effective handling of the requests addressed to us(Art. 6 (1) lit. f) GDPR) or on your consent according to Art. 6 (1) lit. a)GDPR, if this has been requested; the consent can be revoked at any time.
The data sent by you to us via contact requests remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after completion of your request). Mandatory statutory provisions – in particular retention periods – remain unaffected.
To Register for the newsletter, the data requested in the registration process, such as the title, name and email address are collected. The registration for the newsletter is recorded. After registration, you will receive a message to the specified email address in which you are asked to confirm the registration("double opt-in"). We further record whether you have opened the email and which newsletter issues you have read, when and how often. If you subscribe our newsletter, we will send information about our offers on regular basis.
The data collected by us when you register for the newsletter will be used exclusively for advertising purpose. The legal basis for sending the newsletter is your consent according to Art. 6 (1) lit. a) in conjunction with. Art.7 GDPR and Section 7 para. 2 no. 3 Law on Unfair Competition (Gesetz gegen den unlauteren Wettbewerb-UWG). Legal basis for the recording of the login registration is our legitimate interest (Art. 6 (1)lit. f) GDPR).
You can revoke the given consent to store the data, the email address and their use for sending the newsletter at any time, for example via the "unsubscribe from all communication" link in the newsletter. The legality of the data processing already carried out remains unaffected until your revocation. The Data you provide for the purpose of receiving the newsletter will be stored byus or the newsletter service provider until you unsubscribe from the newsletter. After unsubscribing from the newsletter or after expiry of the purpose, your data will be deleted from the newsletter distribution list.
After you have unsubscribed from the newsletter distribution list, your email address may be stored by us or the newsletter service provider (Hubspot CRM as described below) in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This Serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest according to Art. 6 (1) lit. f)GDPR). The storage in the blacklist is not limited in time. You can object the storage if your interests outweigh our legitimate interest.
We store the registration data as long as they are needed for sending the newsletter. We store the login registration data as long as there is an interest in proving the initially granted consent.
If you are our customer, we send you information about campaigns, offers and our products by letter. In this manner, we provide you information on subjects that you may be interested in. This is a special form of direct marketing that intensifies the relationship with customers by providing them with exclusive information.
The legal basis is Art. 6 (1) lit. f) GDPR. If a corresponding consent has been requested, the processing is exclusively based on Art. 6 (1) lit. a) GDPR; the consent can be revoked at any time.
You may object to the sending of advertising at any time. A notification in text form using the contact data (e.g. email, fax, letter) mentioned above is sufficient for this purpose. Your data will remain with us until the purpose for processing the data no longer applies.
On our website we use so-called "cookies". Cookies are small text files and do not cause any damage on your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted after the end of your visit. Permanent cookies remain stored on your terminal device until you delete it yourself or it is automatically deleted by your web browser.
In some cases,cookies from third-party companies may also be stored on your terminal device when you enter our website (third party-cookies). These enable us or you to use certain services of the third-party company.
Cookies have different functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function). Other cookies are used to evaluate user behavior or show advertising.
Cookies that are necessary to carry out the electronic communication process (necessary cookies)or to provide certain functions that you have requested (functional cookies,e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 (1) lit. f)GDPR, unless another legal basis is specified. The website provider has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies concerned is based exclusively on this consent (Art. 6 (1) lit. a) GDPR and Section 25 (1) TTDSG); the consent can be revoked at any time.
If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the scope of this data protection policy and, if necessary, request your consent.
You can set your browser in such a way that you are informed in advance about the setting of cookies and can decide in individual cases whether you want to exclude the acceptance of cookies for certain cases or generally, or to exclude the cookies completely. Excluding cookies may limit the functionality of the website.
Please refer to the user menu of your web browser or the website of your browser's manufacturer for information on how to set your browser program appropriately. Regularly, in the menu bar of your web browser, the help function will show you how to be informed about the setting of cookies, or you can reject new cookies and also delete cookies already received.
Our website uses consent technology from Cookiebot to obtain your consent to the storage of certain cookies on your end device or for the use of certain technologies and to document this in a data protection-compliant manner. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as “Cookiebot”).
We have concluded a data processing agreement for the use of the above-mentioned service with Cookiebot.
In the scope of our business activities, we cooperate with various external parties. In some cases, this also requires the transfer of data to these external parties. We only disclose data to external parties if this is required as part of the fulfillment of a contract (Art. 6 (1) lit. b) GDPR, if we are legally obligated to do so (e.g., disclosure of data to tax authorities) based on Art. 6 (1) lit.c) GDPR, if we have a legitimate interest in the disclosure pursuant to Art. 6(1) lit. f) GDPR, or if another legal basis permits the disclosure of thisdata. When using processors, we only disclose your data based on a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.
We use, among other technologies, tools from companies located in third-party countries(outside of EU or European Economic Area (EEA)) that are not safe under data protection law, as well as US tools whose providers are not certified under the DPF. If these tools are enabled, your data may be transferred to and processed in these countries. We would like you to note that no level of data protection comparable to that in the EU can be guaranteed in third countries that are insecure in terms of data protection law.
In the following we describe the use of data using services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
The responsible service provider in the EU is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).
We use services,where Google acts either as data processor or as joint controller together with us based on the respective agreements. So far as data is processed in the US,we point out that this is carried out based on the standard contractual clauses(SCC) of the EU Commission.
Please find details here:
Furthermore, Google LLC is certified in accordance with the DPF. For more information,please contact follow the link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active.
For more information about Google's use of data, settings, and opportunities to raise objections, please refer to Google's privacy declaration https://policies.google.com/privacy?hl=en-US.
We use the Google Tag Manager. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).
The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it.However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) company in the US.
The Google Tag Manager is used based on Art. 6 (1) lit. f) GDPR. The website provider has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If appropriate consent has been obtained, the processing is carried out exclusively based on Art. 6 (1) lit. a)GDPR and Section 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
We use functions of the web analysis service Google Analytics. The service provider of this service is Google.
Google Analytics enables the website provider to analyze the behavior patterns of the website visitors. To that end, the website provider receives a variety of user data,such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. This data is assigned to the respective end device ofthe user. An assignment to a user-ID does not take place.
Furthermore,Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis.
Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting).
In Google Analytics 4, the anonymization of IP addresses is activated by default. Due to IP anonymization, your IP address will be anonymized by Google within member states of the EU or EEA.
The use of this analysis tool is based on Art. 6 (1) lit. f) GDPR. The website provider has a legitimate interest in analysing user behaviour to optimize both its web offer and its advertising. If a corresponding consent has been requested (e.g.consent to store cookies), the processing is based exclusively on Art. 6 (1) lit.a) GDPR and Section 25 (1) TTDSG; the consent can be revoked at any time.
The data sent by us and linked to cookies are automatically deleted after 2 months. The deletion of data whose retention period has been reached takes place automatically once a month. I you visit our website again within the period of 2 months, the retention period will be prolonged for another 2 months.
You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
For more information about the handling of user data by Google Analytics, please consult Google’s Google Analytics Terms of Service at: https://marketingplatform.google.com/about/analytics/terms/us/.
We use Google Ads. Google Ads is an online promotional program of Google.
Google Ads enables us to display ads (cookie will be set) in the Google search engine oron third-party websites, if the user enters certain search terms into Google(keyword targeting). It is also possible to place targeted ads based on the user data Google has in its possession (e.g., location data and interests;target group targeting). As the website provider, we can analyze these data quantitatively, for instance by analyzing which search terms resulted in the display of our ads and how many ads led to respective clicks.
By way of the integration of Google Ads, Google receives the information that you viewed the relevant part of our website or clicked any of our ads. Due to the applied marketing tools, your browser automatically establishes a direct connection with the server of Google. We have no influence on the scope and the further use of the data processed by Google by applying this tool. Therefore, we inform you in accordance with our knowledge: if you are registered with one of the service tools offered by Google, Google can allocate the visit to your account.Even if you are not registered with Google or have not logged in, it is possible that the provider will find out and store your IP address.
The use of these services occurs based on your consent pursuant to Art. 6 (1) lit. a) GDPR and Section 25 (1) TTDSG. You may revoke your consent at any time.
You may prevent participation in this tracking process in several ways a) by a corresponding setting of your browser, particularly, the disabling of cookies means that you will not receive ads from third-party providers, b) by installing the plugin provided by Google via the following link: https://www.google.com/settings/ads/plugin; c) by deactivating the interest-based ads of the providers that are part of the self-regulation campaign "About Ads", via the link http://www.aboutads.info/choices,whereby this setting is deleted when you delete your cookies; d) by permanent deactivation in the browsers Firefox, Explorer or Google Chrome via the link http://www.google.com/settings/ads/plugin, e) by setting the respective cookies. We would like to inform you that in this case you may not be able touse all the functions of this website to their full extent.
We use Hubspot CRM on this website. The provider is Hubspot Inc. 25 Street, Cambridge, MA 02141 USA (hereafter referred to as “Hubspot”).
Hubspot CRM enables us, among other things, to manage existing and potential customers and customer contacts, to communicate with you and to plan and execute marketing activities in line with your interests.
Hubspot CRM enables us to capture, sort and analyze customer interactions via email, social media, or phone across multiple channels. The data collected in this way can be evaluated and used for communication with the potential customer or marketing measures (e.g., newsletter mailings). Hubspot CRM also enables us to collect and analyze the user behavior of our contacts on our website.
The use of Hubspot is based on Art. 6 (1) lit. f) GDPR. The website provider has a legitimate interest in the most efficient customer management and customer communication.If appropriate consent has been obtained, the processing is carried out exclusively based on Art. 6 (1) lit. a) GDPR and Section 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of theTTDSG. This consent can be revoked at any time.
We have concluded a data processing agreement for the use of the above-mentioned service with Hubspot. The data transmission to the US is based on the SCCclauses of the EU Commission. Details can be found here: https://www.hubspot.de/data-privacy/privacy-shield and https://eur-lex.europa.eu/eli/dec_impl/2021/914.
Furthermore, the Hubspot is certified in accordance with the DPF. For more information, please follow the link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TN8pAAG&status=Active.
We maintain publicly accessible profiles on social networks. You can find the social networks we use in detail below. The social media icons presented on ourwebsite are links. This means that your data on our website is not processed by the social media providers. If you click on the "plug-ins", you will be redirected to our respective social media presence.
Social networks such as Facebook, Instagram, etc. can usually comprehensively analyse your user behaviour when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media accounts causes many processing operations that are relevant to data protection.
If you are logged into your social media account and visit our social media presence, the provider of the social media portal can allocate this visit to your user account.However, your data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, thisdata collection takes place, for example, via cookies that are stored on your device or by recording your IP address.
By collecting data, the providers of the social media portals can create user profiles in which your preferences and interests are stored. Thus, demand-driven advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising may be displayed on all devices on which you are or were logged in.
Our social media presences are designed to ensure the broadest possible presence on the internet. This complies with our legitimate interest according to Art. 6 (1) lit.f) GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which are to be stated by the respective social providers (e.g. consent according to Art. 6 (1) lit. a) GDPR).
If you visit one of our social media websites (e.g. Facebook), please take note that we are jointly responsible with the provider of the social media platform for the data processing resulting from this visit. In principle, you can assert your claims(information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. against Facebook).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our possibilities are significantly determined by the company policy of the respective provider.
The data directly collected by us via the social media presence will be deleted from our system as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until youdelete them. Binding legal conditions - in particular retention periods and limitation periods - will remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes.
Our website embeds videos (from our YouTube channel) of the website YouTube. The Service Provider is Google.
We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out because of the expanded data protection mode. For instance, regardless of whether you're watching a video, YouTube will always establish a connection with the Google DoubleClick network.
As soon as you start to play a YouTube video on this website, a connection to YouTube’s servers will be established. As a result, the YouTube server will be notified,which of our pages you have visited. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your profile. You have the option to prevent this by logging out of your YouTube account.
Furthermore,after you have started to play a video, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g. device fingerprinting). In this way YouTube will be able to obtain information about this website’s visitors. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud.
Under certain circumstances, additional data processing transactions may be triggered after you have started to play a YouTube video, which are beyond our control.
The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6 (1) lit. f) GDPR, this is a legitimate interest.If appropriate consent has been obtained, the processing is carried out exclusively based on Art. 6 (1) lit. a) GDPR and Section 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of theTTDSG. This consent can be revoked at any time.
We have a profile on LinkedIn. This service is provided by LinkedIn Ireland Unlimited Company,Wilton Plaza, Wilton Place, Dublin 2, Ireland (hereinafter referred to as “LinkedIn”).
Furthermore, we use the LinkedIn Insight Tag to obtain information about visitors to our website. Once a website visitor is registered with LinkedIn, we can analyze the key occupational data (e.g., career level, company size, country, location,industry, job title) of our website users to help us better target our site to the relevant audience. We can also use Insight Tag to measure whether visitors to our websites make a purchase or perform other actions (conversion measurement). Conversion measurement can also be carried out across devices(e.g. from PC to tablet). Insight Tag also features a retargeting function that allows us to display targeted advertising (LinkedIn Ads) to visitors to our website outside of the website. This will be done for marketing and optimisation purposes, in particular to analyse the use and to continuously improve individual functions and the user experience. According to LinkedIn, no identification of the advertising addressee takes place.
LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser characteristics and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The Direct identifiers of LinkedIn members are deleted by LinkedIn after sevendays. The remaining pseudonymized data will then be deleted within 180 days https://www.linkedin.com/help/linkedin/answer/a1445756/linkedin-marketing-solutions-und-die-datenschutz-grundverordnung-dsgvo-?lang=de.
If your approval(consent) has been obtained the use of the abovementioned service shall occur based on Art. 6 (1) lit. a) GDPR and Section 25 TTDSG. Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur based on Art. 6 (1) lit. f) GDPR; the website provider has a legitimate interest in effective advertising promotions that include the utilization of social media.
We have concluded a Joint Controller Addendum for the use of the above-mentioned service. The data transmission to the US is based on the SCC of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
Furthermore we have concluded a LinkedIn Ads Agreement for the use of LinkedIn Ads https://de.linkedin.com/legal/sas-terms.
The agreement with LinkedIn, including those concerning joint responsibility, mainly indicate that information requests and the enforcement of further rights of the data subject should most appropriately be carried out directly via LinkedIn. As the provider of the social network LinkedIn, LinkedIn solely has the direct means of access and the information required to be able to process your requests.LinkedIn can additionally take any required measures directly and provide information. If you nevertheless require our support, please feel free to contact us at any time.
You can object to LinkedIn’s analysis of user behavior and targeted advertising as well as prevent the installation of cookies in the settings of your web browser at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. In addition, LinkedIn members can control the use of their data for promotional purposes in the account settings. To prevent LinkedIn from linking information collected on our site to your LinkedIn account, you must log out of your LinkedIn account before you visit our site.
Unless Specifically stated, we only store data for as long as is necessary to fulfil the purposes for which it was collected. In several cases, it is required to store data to cope with law, for example tax or commercial law. In these cases,we will only continue to store the data for these legal purposes but will not process it in any other way and will delete it after the legal retention period has expired.
We make every effort to ensure the security of your data within the scope of the applicable data protection laws and technical possibilities.
For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website provider, this website uses the SSL (Secure Socket Layer) coding system. We would like to point out that data transmission on the Internet (e.g. when communicating by email) can have security gaps. Complete protection of the data against access by third parties is not possible.
To secure your data, we maintain technical and organisational security measures in accordance with Art. 32 GDPR, which we continually adapt to the state of the art.
Furthermore, wedo not guarantee that our service will be available at certain times;disruptions, interruptions or failures cannot be ruled out.
You have extensive rights with regard to the processing of your data.
You have the right to information about the data stored by us, in particular, for what purpose the processing is carried out and how long the data is stored (Art. 15 GDPR). This right is limited by the exceptions of Section 34 of the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), according to which the right to information does not apply in particular if the data is stored only due to legal retention requirements or for data security and data protection control,the provision of information would require a disproportionate effort and misappropriation of the data processing is prevented by appropriate technical and organisational measures.
You have the right to request the rectification of your data without delay if it should be inaccurate (Art. 16 GDPR).
You have the right to request the erasure (Art. 17 GDPR) of your data. These conditions exist in particular if a) the respective processing purpose has been achieved or otherwise ceases to apply, b) we have processed your data unlawfully, c) you have revoked a consent without the data processing may not be continued on another legal basis, d) you successfully object to the data processing, or e)the obligation to delete your data based on the law of the EU or an EU member state, to which we are subject, exists. This right is subject to the restrictions set out in Section 35 BDSG, according to which the right to erasure may be waived, in particular if, in the case of non-automated data processing, there is a disproportionate effort for erasure and your interest in erasure is to be regarded as low.
You have the right to request restriction of the processing of your data (Art. 18 GDPR). This right exists in particular if a) the accuracy of the data is disputed, b) you request restricted processing instead of erasure under the conditions of a legitimate request for erasure, c) the data is no longer necessary for the purposes pursued by us, but you need the data to assert,exercise or defend legal claims or d) the success of an objection is still disputed.
You have the right to obtain your data that were provided to us in a structured, common, machine-readable format (Art. 20 GDPR), if the data has not already been deleted.
You have the right to object to the processing of your data at any time on grounds relating to your particular situation (Art. 21 GDPR). We will stop processing your data unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights, and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.
According to Art. 7 para. 3 GDPR, you have the right to revoke your consent at any time. The revocation does not affect the lawfulness of the processing carried out on the basis of the previous consent. The only consequence of the revocation is that we may no longer continue the data processing based on this consent for the future. However, please note that we may not be able to provide certain services or additional services if we are not able to process the data required for this purpose.
Right in relation to automated decision making: You have the right (Art. 22 GDPR) not to be subject to automated decision making, including profiling, that has legal consequences or similar significant effects for you.We generally do not use automated decision making or profiling. However, if you have been subjected to automated decision-making and do not agree with the outcome, you may contact us in the ways set out below and ask us to review the decision.
You have the possibility to contact the above-mentioned data protection officer (if appointed) or a data protection supervisory authority if you believe that the processing of your data violates the GDPR.