Change privacy settings

History of privacy settings

Revoking consent

Privacy policy

Introduction and Overview

We have written this privacy policy (version 09.01.2022-311914477) to inform you according to the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, about what personal data (referred to as “data” hereafter) we process, will process in the future, and what lawful options you have. The terms used are to be understood as gender-neutral.
In short: We inform you comprehensively about the data we process about you.

Privacy policies usually sound very technical and use legal terminology. This privacy policy aims to describe the most important things as simply and transparently as possible. Where it enhances transparency, technical terms are explained in a reader-friendly manner, links to further information are provided, and graphics are used. We inform you in clear and simple language that we process personal data only if there is a corresponding legal basis for doing so. This is certainly not possible if you provide the most concise, unclear, and legally-technical explanations, as is often the standard on the internet when it comes to data protection. We hope you find the following explanations interesting and informative, and perhaps there is one or another piece of information that you were not yet aware of.
Should you still have questions, we ask you to contact the person or office named below or in the imprint, follow the available links, and review further information on third-party websites. Our contact details can also be found in the imprint.

Scope of Application

This privacy policy applies to all personal data processed by us in the company and to all personal data processed by commissioned companies (processors). By personal data, we mean information as defined in Article 4 No. 1 GDPR, such as the name, email address, and postal address of a person. The processing of personal data ensures that we can offer and bill for our services and products, whether online or offline. The scope of this privacy policy includes:

• all online presences (websites, online shops) that we operate
• social media presences and email communication
• mobile apps for smartphones and other devices

In short: This privacy policy applies to all areas where personal data is processed in the company through the mentioned channels. Should we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.

Legal Bases

In the following privacy policy, we provide you with transparent information about the legal principles and regulations, i.e., the legal bases of the General Data Protection Regulation, which allow us to process personal data.
Regarding EU law, we refer to the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can read this EU General Data Protection Regulation online on EUR-Lex, the access to EU law, at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679.

We process your data only if at least one of the following conditions applies:

1. Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of your entered data in a contact form.
2. Contract (Article 6(1)(b) GDPR): To fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we enter into a purchase contract with you, we need personal information in advance.
3. Legal obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally required to retain invoices for accounting purposes. These usually contain personal data.
4. Legitimate interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not infringe your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data to operate our website securely and economically efficiently. This processing is thus a legitimate interest.

Further conditions such as the performance of tasks carried out in the public interest and the exercise of official authority and the protection of vital interests generally do not apply to us. Should such a legal basis be relevant, it will be indicated at the appropriate place.

In addition to the EU regulation, national laws also apply:

• In Austria, this is the Federal Act on the Protection of Natural Persons in the Processing of Personal Data (Data Protection Act), abbreviated as DSG.
• In Germany, the Federal Data Protection Act, abbreviated as BDSG, applies.

If further regional or national laws apply, we will inform you in the following sections.

Contact Details of the Controller

If you have questions about data protection, you can find the contact details of the responsible person or office below:
LAFORET Management Consulting
Dirk Laforet
Riedeselstraße 35D, 82319, Starnberg
Authorized representative: Dirk Laforet
Email: [email protected]

Imprint: https://laforet-mc.com/privacy

Storage Duration

As a general criterion, we store personal data only as long as it is necessary to provide our services and products. This means that we delete personal data as soon as the reason for the data processing is no longer applicable. In some cases, we are legally required to retain certain data even after the original purpose has ceased, for example, for accounting purposes.

If you request the deletion of your data or revoke your consent to data processing, the data will be deleted as quickly as possible and to the extent that no legal obligation to retain it exists.

We will inform you about the specific duration of the respective data processing further below, if we have more information on this.

Rights Under the General Data Protection Regulation

According to Article 13 GDPR, you have the following rights to ensure fair and transparent data processing:

• According to Article 15 GDPR, you have the right to know whether we process data about you. If this is the case, you have the right to receive a copy of the data and the following information:
  • the purpose of the processing;
  • the categories of data being processed;
  • the recipients of the data and if the data is transferred to third countries, how the security can be guaranteed;
  • how long the data will be stored;
  • the existence of the right to rectification, erasure, or restriction of processing and the right to object to the processing;
  • that you can lodge a complaint with a supervisory authority (links to these authorities are provided below);
  • the origin of the data, if we did not collect it from you;
  • whether profiling is conducted, i.e., whether data is automatically evaluated to create a personal profile about you.
• According to Article 16 GDPR, you have the right to rectification of the data, meaning that we must correct data if you find errors.
• According to Article 17 GDPR, you have the right to erasure (“right to be forgotten”), meaning you can request the deletion of your data.
• According to Article 18 GDPR, you have the right to restrict processing, meaning that we may only store the data but not use it further.
• According to Article 19 GDPR, you have the right to data portability, meaning that we provide you with your data in a common format upon request.
• According to Article 21 GDPR, you have the right to object, which, if enforced, results in a change in processing.
  • If the processing of your data is based on Article 6(1)(e) (public interest, exercise of official authority) or Article 6(1)(f) (legitimate interests), you can object to the processing. We will then review as quickly as possible whether we can legally comply with this objection.
  • If data is used for direct marketing, you can object to this type of data processing at any time. We may then no longer use your data for direct marketing.
  • If data is used for profiling, you can object to this type of data processing at any time. We may then no longer use your data for profiling.
• According to Article 22 GDPR, under certain circumstances, you have the right not to be subject to a decision based solely on automated processing (e.g., profiling).

In short: You have rights – don’t hesitate to contact the responsible person listed above!

If you believe that the processing of your data violates data protection law or your data protection rights have been violated in another way, you can lodge a complaint with the supervisory authority. In Austria, this is the data protection authority, whose website you can find at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). For our company, the following local data protection authority is responsible:

Bavaria Data Protection Authority

State Commissioner for Data Protection: Prof. Dr. Thomas Petri
Address: Wagmüllerstr. 18, 80538 Munich
Phone number: 089/21 26 72-0
Email address: [email protected]
Website: https://www.datenschutz-bayern.de/

Data Processing Security

To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. This makes it as difficult as possible for third parties to infer personal information from our data.

Article 25 GDPR refers to “data protection by design and by default,” meaning that both software (e.g., forms) and hardware (e.g., access to the server room) are always designed with security in mind, and appropriate measures are taken. If necessary, we will discuss specific measures below.

TLS Encryption with HTTPS

TLS, encryption, and HTTPS sound very technical and they are. We use HTTPS (Hypertext Transfer Protocol Secure) to transmit data securely over the Internet.
This means that the entire data transfer from your browser to our web server is secured – no one can “overhear.”

By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol at the top left in the browser, to the left of the internet address (e.g., examplepage.de) and the use of the scheme https (instead of http) as part of our internet address.
If you want to know more about encryption, we recommend searching for “Hypertext Transfer Protocol Secure wiki” on Google to find good links to further information.

Communication

Communication Summary 👥 Affected: Everyone who communicates with us by phone, email, or online form 📓 Processed data: e.g., phone number, name, email address, entered form data. More details can be found for each type of contact used 🤝 Purpose: Handling communication with customers, business partners, etc. 📅 Storage duration: Duration of the business case and legal requirements ⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(b) GDPR (contract), Article 6(1)(f) GDPR (legitimate interests)

When you contact us and communicate via phone, email, or online form, personal data may be processed.

The data is processed for handling and processing your inquiry and the related business case. The data is stored for as long as the business case lasts or as required by law.

Affected Persons

Everyone who contacts us via the provided communication channels is affected by the mentioned processes.

Phone

If you call us, the call data is pseudonymized on the respective end device and by the telecommunications provider used. Additionally, data such as name and phone number may be sent by email afterward and stored for responding to the inquiry. The data is deleted once the business case is concluded and legal requirements allow.

Email

If you communicate with us via email, data may be stored on the respective end device (computer, laptop, smartphone, etc.) and on the email server. The data is deleted once the business case is concluded and legal requirements allow.

Online Forms

If you communicate with us via online form, data is stored on our web server and may be forwarded to an email address of ours. The data is deleted once the business case is concluded and legal requirements allow.

Legal Bases

The data processing is based on the following legal bases:

• Article 6(1)(a) GDPR (consent): You give us your consent to store and further use your data for the business case;
• Article 6(1)(b) GDPR (contract): It is necessary to fulfill a contract with you or a processor such as the phone provider, or we need to process the data for pre-contractual activities such as preparing a quote;
• Article 6(1)(f) GDPR (legitimate interests): We want to conduct customer inquiries and business communication professionally. Certain technical facilities such as email programs, exchange servers, and mobile network operators are necessary to operate the communication efficiently.

Cookies

Cookies Summary 👥 Affected: Visitors of the website 🤝 Purpose: Depends on the respective cookie. More details can be found further below or with the software manufacturer setting the cookie. 📓 Processed data: Depends on the respective cookie. More details can be found further below or with the software manufacturer setting the cookie. 📅 Storage duration: Depends on the respective cookie, can range from hours to years ⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests)

What Are Cookies?

Our website uses HTTP cookies to store user-specific data.
In the following, we explain what cookies are and why they are used, so you can better understand the following privacy policy.

Whenever you browse the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing is undeniable: cookies are really useful little helpers. Almost all websites use cookies. More precisely, these are HTTP cookies, as there are also other cookies for other applications. HTTP cookies are small files stored on your computer by our website. These cookie files are automatically placed in the cookie folder, the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data, such as language or personal page settings. When you return to our site, your browser sends the “user-specific” information back to our site. Thanks to the cookies, our website knows who you are and offers you the settings you are accustomed to. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file.

The following graphic shows a possible interaction between a web browser like Chrome and the web server. The web browser requests a website and receives a cookie back from the server, which the browser uses again when another page is requested.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie is to be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, trojans, or other “pests.” Cookies cannot access information on your PC either.

Cookie data can look like this:

Name: _ga
Value: GA1.2.1326744211.152311914477-9
Purpose: Distinguishing website visitors
Expiration date: after 2 years

These minimum sizes should be supported by a browser:

• At least 4096 bytes per cookie
• At least 50 cookies per domain
• At least 3000 cookies in total

What Types of Cookies Are There?

The question of which cookies we specifically use depends on the services used and will be clarified in the following sections of the privacy policy. At this point, we want to briefly go over the different types of HTTP cookies.

There are 4 types of cookies:

Essential Cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user places a product in the shopping cart, then continues surfing on other pages, and later goes to checkout. Through these cookies, the shopping cart is not deleted, even if the user closes the browser window.

Functional Cookies
These cookies collect information about user behavior and whether the user receives any error messages. Additionally, these cookies measure the loading time and the behavior of the website with different browsers.

Targeted Cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes, or form data are stored.

Advertising Cookies
These cookies are also called targeting cookies. They serve to deliver personalized advertising to the user. This can be very practical, but also very annoying.

Usually, you are asked during your first visit to a website which of these cookie types you want to allow. And of course, this decision is also stored in a cookie.

If you want to know more about cookies and do not shy away from technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments from the Internet Engineering Task Force (IETF) titled “HTTP State Management Mechanism.”

Purpose of Processing with Cookies

The purpose ultimately depends on the respective cookie. More details can be found further below or with the software manufacturer setting the cookie.

What Data is Processed?

Cookies are small helpers for many different tasks. Unfortunately, it is not possible to generalize which data is stored in cookies, but we will inform you about the processed or stored data within the following privacy policy.

Cookie Storage Duration

The storage duration depends on the respective cookie and will be specified further below. Some cookies are deleted after less than an hour, others can remain on a computer for several years.

You also have influence over the storage duration yourself. You can manually delete all cookies at any time via your browser (see also below “Right to Object”). Furthermore, cookies based on consent will be deleted no later than after the withdrawal of your consent, whereby the legality of the storage remains unaffected until then.

Right to Object – How Can I Delete Cookies?

You decide whether and how you want to use cookies. Regardless of the service or website from which the cookies originate, you always have the option to delete, deactivate, or only partially allow cookies. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies are stored in your browser, if you want to change cookie settings, or delete them, you can find these settings in your browser settings:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove information websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you generally do not want to have any cookies, you can set your browser to always inform you when a cookie is to be set. So you can decide for each individual cookie whether you allow it or not. The procedure varies depending on the browser. The best way is to search the instructions on Google with the search term “delete cookies Chrome” or “disable cookies Chrome” in the case of a Chrome browser.

Legal Basis

Since 2009, the so-called “cookie guidelines” have existed. It is stipulated that storing cookies requires your consent (Article 6(1)(a) GDPR). However, there are still very different reactions to these guidelines within EU countries. In Austria, however, this guideline was implemented in Section 96(3) of the Telecommunications Act (TKG). In Germany, the cookie guidelines were not implemented as national law. Instead, this guideline was largely implemented in Section 15(3) of the Telemedia Act (TMG).

For essential cookies, even if no consent exists, there are legitimate interests (Article 6(1)(f) GDPR), which are mostly economic in nature. We want to provide visitors to the website with a pleasant user experience, and certain cookies are often absolutely necessary for this.

If non-essential cookies are used, this is done only with your consent. The legal basis is Article 6(1)(a) GDPR.

In the following sections, you will be informed more precisely about the use of cookies if the software used sets cookies.

Webhosting Introduction

Webhosting Summary 👥 Affected: Visitors of the website 🤝 Purpose: Professional hosting of the website and ensuring its operation 📓 Processed data: IP address, time of the website visit, used browser, and further data. More details can be found further below or with the respective web hosting provider. 📅 Storage duration: Depends on the respective provider, but usually 2 weeks ⚖️ Legal bases: Article 6(1)(f) GDPR (legitimate interests)

What is Webhosting?

If you visit websites today, certain information – including personal data – is automatically created and stored. This should be processed as sparingly and only with justification as possible. By website, we mean the entirety of all web pages on a domain, i.e., everything from the homepage to the very last subpage (like this one). By domain, we mean, for example, example.com or sampleexample.com.

If you want to view a website on a screen, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari.

This web browser must connect to another computer where the code of the website is stored: the web server. Operating a web server is a complicated and laborious task, which is why it is usually handled by professional providers, the so-called hosting providers. These providers offer web hosting services and ensure reliable and error-free data storage for websites.

When the browser on your computer (desktop, laptop, smartphone) connects and during the data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, and on the other hand, the web server must store data for a while to ensure proper operation.

To illustrate:

Why Do We Process Personal Data?

The purposes of data processing are:

1. Professional hosting of the website and ensuring its operation
2. Maintaining operational and IT security
3. Anonymous evaluation of access behavior to improve our offer and, if necessary, to prosecute or pursue claims

What Data is Processed?

Even while you are visiting our website right now, our web server (the computer where this website is stored) usually automatically saves data such as

• the full internet address (URL) of the accessed website (e.g., https://www.examplewebsite.com/example-subpage.html?tid=311914477)
• browser and browser version (e.g., Chrome 87)
• the operating system used (e.g., Windows 10)
• the address (URL) of the previously visited page (referrer URL) (e.g., https://www.example-sourcepage.com/fromhereicame.html/)
• the hostname and IP address of the device from which access is made (e.g., COMPUTERNAME and 194.23.43.121)
• date and time
• in files, the so-called web server log files

How Long Are Data Stored?

As a rule, the data mentioned above is stored for two weeks and then automatically deleted. We do not pass this data on, but we cannot exclude that this data will be viewed by authorities in the event of illegal behavior.

In short: Your visit is logged by our provider (company that runs our website on special computers (servers)), but we do not pass on your data without consent!

Legal Basis

The legality of processing personal data in the context of web hosting results from Article 6(1)(f) GDPR (protection of legitimate interests), as the use of professional hosting with a provider is necessary to present the company safely and user-friendly on the internet and to be able to track attacks and claims resulting from it.

Usually, there is a contract for order processing according to Article 28 GDPR between us and the hosting provider, which ensures compliance with data protection and guarantees data security.

Google Analytics Privacy Policy

Google Analytics Privacy Policy Summary 👥 Affected: Visitors of the website 🤝 Purpose: Evaluation of visitor information to optimize the web offer. 📓 Processed data: Access statistics, data such as locations of access, device data, duration and time of access, navigation behavior, click behavior, and IP addresses. More details can be found further below in this privacy policy. 📅 Storage duration: Depends on the used properties ⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests)

What is Google Analytics?

We use the analysis tracking tool Google Analytics (GA) from the American company Google Inc. on our website. For the European region, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. If you click on a link, for example, this action is stored in a cookie and sent to Google Analytics. Using the reports we receive from Google Analytics, we can better adapt our website and service to your needs. In the following, we go into more detail about the tracking tool and inform you primarily about which data is stored and how you can prevent this.

Google Analytics is a tracking tool that serves the analysis of data traffic on our website. For Google Analytics to work, a tracking code is built into the code of our website. When you visit our website, this code records various actions you take on our website. As soon as you leave our website, this data is sent to the Google Analytics servers and stored there.

Google processes the data and we receive reports about your user behavior. These can include the following reports:

• Audience reports: Through audience reports, we learn more about our users and know more precisely who is interested in our service.
• Ad reports: Ad reports help us analyze and improve our online advertising more easily.
• Acquisition reports: Acquisition reports provide us with useful information about how we can get more people excited about our service.
• Behavior reports: Here we learn how you interact with our website. We can track the path you take on our site and which links you click.
• Conversion reports: A conversion is an action you take based on a marketing message, for example, when you go from being a website visitor to a buyer or newsletter subscriber. These reports help us understand how our marketing efforts are being received by you. So we want to increase our conversion rate.
• Real-time reports: Here we always know immediately what is happening on our website. For example, we see how many users are reading this text right now.

Why Do We Use Google Analytics on Our Website?

Our goal with this website is clear: We want to offer you the best possible service. The statistics and data from Google Analytics help us achieve this goal.

The statistically evaluated data show us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that it is easier to find by interested people on Google. On the other hand, the data helps us understand you as a visitor better. We know exactly what we need to improve on our website to offer you the best possible service. The data also helps us to conduct our advertising and marketing measures more individually and cost-effectively. After all, it only makes sense to show our products and services to people who are interested in them.

What Data is Stored by Google Analytics?

Google Analytics creates a random, unique ID using a tracking code that is linked to your browser cookie. This way, Google Analytics recognizes you as a new user. When you visit our site again, you will be recognized as a “returning” user. All collected data is stored together with this user ID. This allows pseudonymous user profiles to be evaluated.

To analyze our website with Google Analytics, a property ID must be inserted into the tracking code. The data is then stored in the corresponding property. For each newly created property, the Google Analytics 4 Property is set by default. Alternatively, you can also create the Universal Analytics Property. Depending on the property used, data is stored for different lengths of time.

Interactions are measured using identifiers such as cookies and app instance IDs. Interactions are all types of actions you take on our website. If you also use other Google systems (e.g., a Google account), the data generated via Google Analytics can be linked to third-party cookies. Google does not share Google Analytics data unless we, as website operators, authorize it. Exceptions may occur if required by law.

The following cookies are used by Google Analytics:

Name: _ga
Value: 2.1326744211.152311914477-5
Purpose: By default, analytics.js uses the cookie _ga to store the user ID. It generally serves to distinguish website visitors.
Expiration date: after 2 years

Name: _gid
Value: 2.1687193234.152311914477-1
Purpose: The cookie is also used to distinguish website visitors.
Expiration date: after 24 hours

Name: _gat_gtag_UA_<property -id>
Value: 1
Purpose: Used to reduce the request rate. If Google Analytics is provided via the Google Tag Manager, this cookie is named _dc_gtm_<property-id>.
Expiration date: after 1 minute

Name: AMP_TOKEN
Value: no information
Purpose: The cookie contains a token that can be used to retrieve a user ID from the AMP Client ID service. Other possible values indicate a logout, a request, or an error.
Expiration date: after 30 seconds to one year

Name: __utma
Value: 1564498958.1564498958.1564498958.1
Purpose: This cookie can be used to track your behavior on the website and measure the performance. The cookie is updated each time information is sent to Google Analytics.
Expiration date: after 2 years

Name: __utmt
Value: 1
Purpose: The cookie is used like _gat_gtag_UA_<property-id> to reduce the request rate.
Expiration date: after 10 minutes

Name: __utmb
Value: 3.10.1564498958
Purpose: This cookie is used to determine new sessions. It is updated each time new data or information is sent to Google Analytics.
Expiration date: after 30 minutes

Name: __utmc
Value: 167421564
Purpose: This cookie is used to determine new sessions for returning visitors. It is a session cookie and is only stored until you close the browser.
Expiration date: after closing the browser

Name: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose: The cookie is used to identify the source of traffic on our website. This means the cookie stores from where you came to our website. This could be another site or an advertisement.
Expiration date: after 6 months

Name: __utmv
Value: no information
Purpose: The cookie is used to store custom user data. It is updated each time information is sent to Google Analytics.
Expiration date: after 2 years

Note: This list cannot claim to be exhaustive, as Google constantly changes the choice of their cookies.

Here we give you an overview of the most important data collected with Google Analytics:

Heatmaps: Google creates so-called heatmaps. Through heatmaps, you can see exactly which areas you click on. This way we get information about where you are “on the move” on our site.

Session duration: Google defines the session duration as the time you spend on our site without leaving it. If you have been inactive for 20 minutes, the session ends automatically.

Bounce rate (English bounce rate): A bounce is when you only view one page on our website and then leave our website again.

Account creation: If you create an account on our website or make an order, Google Analytics collects this data.

IP address: The IP address is only displayed in a shortened form so that no clear assignment is possible.

Location: The country and your approximate location can be determined via the IP address. This process is also known as IP location determination.

Technical information: This includes your browser type, internet provider, or screen resolution, among other things.

Source of origin: Google Analytics or us, of course, are also interested in which website or which advertisement brought you to our site.

Further data includes contact information, possible ratings, playing media (e.g., if you play a video via our site), sharing content via social media, or adding to your favorites. The list does not claim to be exhaustive and serves only as a general orientation on data storage by Google Analytics.

How Long and Where Is the Data Stored?

Google has servers distributed all over the world. Most servers are located in America, so your data is usually stored on American servers. You can find out exactly where the Google data centers are located here: https://www.google.com/about/datacenters/inside/locations/?hl=en

Your data is distributed across various physical data carriers. This has the advantage that the data can be retrieved faster and is better protected against manipulation. There are appropriate emergency programs in every Google data center for your data. For example, if hardware fails at Google or natural disasters bring servers down, the risk of a service interruption at Google remains low.

The storage duration of your data depends on the properties used. When using the newer Google Analytics 4 properties, your user data is stored for 14 months by default. For other so-called event data, we have the option to choose a storage duration of 2 months or 14 months.

For Universal Analytics properties, the storage duration of your user data is set to 26 months by default. Then your user data will be deleted. However, we have the option to choose the storage duration of user data ourselves. We have five options available:

• Deletion after 14 months
• Deletion after 26 months
• Deletion after 38 months
• Deletion after 50 months
• No automatic deletion

There is also the option that data is only deleted when you no longer visit our website within the set period. In this case, the storage duration is reset each time you visit our website within the specified period.

Once the specified period has expired, the data is deleted once a month. This storage duration applies to your data, which is linked to cookies, user recognition, and advertising IDs (e.g., cookies from the DoubleClick domain). Report results are based on aggregated data and are stored independently of user data. Aggregated data is the merging of individual data into a larger unit.

How Can I Delete My Data or Prevent Data Storage?

Under European Union data protection law, you have the right to receive information about your data, update it, delete it, or restrict its processing. By using the browser add-on to disable Google Analytics JavaScript (ga.js, analytics.js, dc.js), you prevent Google Analytics from using your data. You can download and install the browser add-on here: https://tools.google.com/dlpage/gaoptout?hl=en. Please note that this add-on only disables data collection by Google Analytics.

If you want to generally disable, delete, or manage cookies, you will find the appropriate instructions for the most well-known browsers under the section “Cookies.”

Legal Basis

The use of Google Analytics requires your consent, which we obtained with our cookie popup. This consent constitutes the legal basis for the processing of personal data as described in Article 6(1)(a) GDPR (consent).

In addition to the consent, we have a legitimate interest in analyzing the behavior of website visitors to improve our offer technically and economically. With the help of Google Analytics, we can identify errors on the website, recognize attacks, and improve the profitability. The legal basis for this is Article 6(1)(f) GDPR (legitimate interests). However, we use Google Analytics only to the extent that you have given your consent.

Google processes your data in the USA, among other places. We point out that according to the European Court of Justice, currently no adequate level of protection exists for the transfer of data to the USA. This can involve various risks to the legality and security of data processing.

As a basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, in particular in the USA) or a data transfer there, Google uses so-called standard contractual clauses (= Article 46(2) and (3) GDPR). Standard contractual clauses (Standard Contractual Clauses – SCC) are templates provided by the EU Commission and are intended to ensure that your data also complies with the European data protection standards when transferred and stored in third countries (such as the USA). By using these clauses, Google undertakes to comply with the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=en

You can find the Google Ads data processing terms (Google Ads Data Processing Terms), which also apply to Google Analytics, at https://business.safety.google/adsprocessorterms/.

We hope to have provided you with the most important information about data processing by Google Analytics. If you want to learn more about the tracking service, we recommend these two links: http://www.google.com/analytics/terms/en.html and https://support.google.com/analytics/answer/6004245?hl=en.

Google Analytics Demographic Reports and Interests

We have enabled the advertising features in Google Analytics. The demographic reports and interests contain information about age, gender, and interests. This allows us to get a better picture of our users – without being able to assign this data to individual people. Learn more about the advertising features at https://support.google.com/analytics/answer/3450482?hl=en.

You can stop using the activities and information of your Google account under “Ad settings” at https://adssettings.google.com/authenticated.

Other Introduction

Other Privacy Policy Summary 👥 Affected: Visitors of the website 🤝 Purpose: Improving the user experience 📓 Processed data: What data is processed depends heavily on the used services. Usually, it is IP addresses and/or technical data. More details can be found with the respective tools used. 📅 Storage duration: Depends on the tools used ⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests)

What Falls Under “Other”?

The “Other” category includes services that do not fit into any of the above categories. These are usually various plugins and embedded elements that improve our website. These functions are typically sourced from third parties and embedded in our website. For example, this includes web search services like Algolia Place, Giphy, Programmable Search Engine, or online services for weather data such as OpenWeather.

Why Do We Use Other Third Parties?

We want to offer you the best web service in our industry with our website. For a long time, a website has not just been a mere business card for companies. Rather, it is a place that should help you find what you are looking for. To continually make our website more interesting and helpful for you, we use various services from third parties.

What Data is Processed?

Whenever elements are embedded in our website, your IP address is sent to the respective provider, stored, and processed there. This is necessary because otherwise the content cannot be sent to your browser and therefore cannot be displayed accordingly. It may also happen that service providers use pixel tags or web beacons. These are small graphics on websites that can log a file and also create analysis of this file. With the obtained information, the providers can improve their own marketing measures. In addition to pixel tags, information (such as which button you click or when you visit which page) can also be stored in cookies. In these cookies, in addition to analytical data about your web behavior, technical information such as your browser type or your operating system can also be stored. Some providers may also link the obtained data with other internal services or with third parties. Each provider handles your data differently. Therefore, we recommend you to carefully read the privacy policies of the respective services. We generally strive to use only services that handle the issue of data protection very cautiously.

Duration of Data Processing

We will inform you about the duration of data processing further below, if we have more information on this. Generally, we process personal data only as long as it is absolutely necessary to provide our services and products.

Legal Basis

If we ask for your consent and you also give it, this constitutes the legal basis for the processing of your data (Article 6(1)(a) GDPR). In addition to the consent, we have a legitimate interest in analyzing the behavior of website visitors to improve our offer technically and economically. The legal basis for this is Article 6(1)(f) GDPR (legitimate interests). We only use the tools to the extent that you have given your consent.

Information about the specific tools is provided – if available – in the following sections.

Font Awesome Privacy Policy

Font Awesome Privacy Policy Summary 👥 Affected: Visitors of the website 🤝 Purpose: Optimization of our service 📓 Processed data: e.g., IP address and which icon files are loaded. More details can be found further below in this privacy policy. 📅 Storage duration: Files in identifiable form are stored for a few weeks ⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests)

What is Font Awesome?

We use Font Awesome from the American company Fonticons (307 S. Main St., Suite 202, Bentonville, AR 72712, USA) on our website. When you visit one of our web pages, the web font Font Awesome (specifically icons) is loaded via the Font Awesome Content Delivery Network (CDN). This ensures that texts or fonts and icons are displayed correctly on every device. In this privacy policy, we explain the data storage and data processing by this service in more detail.

Icons are becoming increasingly important for websites. Font Awesome is a web font specifically designed for web designers and web developers. With Font Awesome, for example, icons can be scaled and colored as desired using the CSS stylesheet language. They replace old image icons. Font Awesome CDN is the easiest way to load icons or fonts onto your website. We only had to embed a small line of code into our website for this.

Why Do We Use Font Awesome on Our Website?

Through Font Awesome, content on our website can be better prepared. This allows you to better navigate our website and capture the content more easily. With the icons, we can even sometimes replace entire words and save space. This is especially practical when we optimize content specifically for smartphones. These icons are inserted as HTML code instead of as images. This allows us to edit the icons with CSS as we want. At the same time, we also improve our loading speed with Font Awesome, as they are only HTML elements and not icon images. All these advantages help us make the website more user-friendly, fresher, and faster for you.

What Data is Stored by Font Awesome?

The Font Awesome Content Delivery Network (CDN) is used to load icons and symbols. CDNs are networks of servers that are distributed worldwide and allow fast loading of files from nearby locations. Thus, as soon as you call up one of our pages, the corresponding icons are provided by Font Awesome.

For the web fonts to be loaded, your browser must establish a connection to the servers of Fonticons, Inc. In doing so, your IP address is recognized. Font Awesome also collects data on which icon files are downloaded and when. Additionally, technical data such as your browser version, screen resolution, or the time of the accessed page is transmitted.

The following reasons explain why this data is collected and stored:

• to optimize content delivery networks
• to detect and fix technical errors
• to protect CDNs from misuse and attacks
• to calculate fees for Font Awesome Pro customers
• to know the popularity of icons
• to know which computer and which software you use

If your browser does not allow web fonts, a standard font from your PC is automatically used. According to current knowledge, no cookies are set. We are in contact with Font Awesome’s data protection department and will let you know as soon as we learn more.

How Long and Where Is the Data Stored?

Font Awesome stores data on the use of the content delivery network on servers, including in the United States. However, CDN servers are distributed worldwide and store user data based on location. Identifiable data is typically stored for only a few weeks. Aggregated statistics on the use of the CDNs can also be stored longer. Personal data is not included.

How Can I Delete My Data or Prevent Data Storage?

According to current knowledge, Font Awesome does not store any personal data via the content delivery networks. If you do not want data about the used icons to be stored, unfortunately, you cannot visit our website. If your browser does not allow web fonts, no data is transmitted or stored. In this case, the standard font of your computer is simply used.

Legal Basis

If you have consented to the use of Font Awesome, the legal basis for the corresponding data processing is this consent. According to Article 6(1)(a) GDPR (consent), this constitutes the legal basis for the processing of personal data as it occurs with Font Awesome.

Additionally, we have a legitimate interest in using Font Awesome to optimize our online service. The corresponding legal basis is Article 6(1)(f) GDPR (legitimate interests). However, we only use Font Awesome to the extent that you have given your consent.

We point out that according to the European Court of Justice, currently, no adequate level of protection exists for the transfer of data to the USA. Data processing is essentially carried out by Font Awesome. This can result in data not being anonymized and being stored and processed. US government authorities may have access to individual data. Additionally, data may be linked with data from other services by Font Awesome, in which you have a user account.

If you want to learn more about Font Awesome and how they handle data, we recommend reading their privacy policy at https://fontawesome.com/privacy and the help page at https://fontawesome.com/help?tid=311914477.

Google Fonts Privacy Policy

Google Fonts Privacy Policy Summary 👥 Affected: Visitors of the website 🤝 Purpose: Optimization of our service 📓 Processed data: e.g., IP address and CSS and font requests. More details can be found further below in this privacy policy. 📅 Storage duration: Font files are stored by Google for one year ⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests)

What Are Google Fonts?

We use Google Fonts on our website. These are the “Google Fonts” provided by Google Inc. For the European region, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

To use Google Fonts, you do not need to register or provide a password. Additionally, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, these requests for CSS and fonts are entirely separate from all other Google services. If you have a Google account, you do not need to worry that your Google account data will be transmitted to Google while using Google Fonts. Google records the usage of CSS and the fonts used and stores this data securely. We will look at how this data storage looks in more detail.

Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google provides to its users for free.

Many of these fonts are released under the SIL Open Font License, while others are released under the Apache License. Both are free software licenses.

Why Do We Use Google Fonts on Our Website?

With Google Fonts, we can use fonts on our own website and do not have to upload them to our own server. Google Fonts is an essential building block to keep the quality of our website high. All Google Fonts are automatically optimized for the web, saving data volume and being a significant advantage, especially for mobile devices. When you visit our site, the small file size ensures fast loading times. Additionally, Google Fonts are secure web fonts. Different synthesis systems (rendering) in various browsers, operating systems, and mobile devices can lead to errors. Such errors can partially distort texts or entire web pages visually. Thanks to the fast content delivery network (CDN), there are no cross-platform issues with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We use Google Fonts to make our entire online service as attractive and consistent as possible.

What Data is Stored by Google?

When you visit our website, the fonts are reloaded via a Google server. This external call sends data to the Google servers. So Google also recognizes that you or your IP address is visiting our website. The Google Fonts API is designed to reduce the usage, storage, and collection of end-user data to what is necessary for the proper provision of fonts. API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software sector.

Google Fonts securely stores CSS and font requests at Google and is thus protected. Google can determine how well the individual fonts are received through the collected usage data. Google publishes the results on internal analysis pages, such as Google Analytics. Additionally, Google uses the data of its web crawler to determine which websites use Google fonts. These data are published in the BigQuery database of Google Fonts. Entrepreneurs and developers use the Google web service BigQuery to examine and move large data volumes.

However, keep in mind that every Google Fonts request also transmits information such as language settings, IP address, browser version, screen resolution, and the browser’s name. Whether this data is also stored is not clearly identifiable or is not clearly communicated by Google.

How Long and Where Is the Data Stored?

Requests for CSS assets are stored by Google for one day on their servers, mainly outside the EU. This allows us to use the Google Stylesheet to use the fonts. A stylesheet is a template that allows you to quickly and easily change the design or font of a website.

Font files are stored by Google for one year. Google’s goal is to improve the loading time of websites fundamentally. When millions of web pages reference the same fonts, they are cached after the first visit and immediately appear on all later visited web pages. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design.

How Can I Delete My Data or Prevent Data Storage?

Those data that Google stores for a day or a year cannot be simply deleted. The data is automatically transmitted to Google when you access the page. To delete this data prematurely, you need to contact Google Support at https://support.google.com/?hl=en&tid=311914477. To prevent data storage, you can only visit our site if your browser does not allow web fonts.

Unlike other web fonts, Google allows us unlimited access to all fonts. This allows us to access a vast ocean of fonts without restrictions and make the most of our website. For more on Google Fonts and other questions, visit https://developers.google.com/fonts/faq?tid=311914477. Although Google addresses privacy-relevant issues there, truly detailed information on data storage is not included. It is relatively difficult to get precise information from Google about stored data.

Legal Basis

If you have consented to the use of Google Fonts, this consent is the legal basis for the corresponding data processing. This consent constitutes the legal basis for the processing of personal data according to Article 6(1)(a) GDPR (consent).

Additionally, we have a legitimate interest in using Google Fonts to optimize our online service. The corresponding legal basis is Article 6(1)(f) GDPR (legitimate interests). However, we only use Google Fonts to the extent that you have given your consent.

Google processes your data in the USA, among other places. We point out that according to the European Court of Justice, currently, no adequate level of protection exists for the transfer of data to the USA. This can involve various risks to the legality and security of data processing.

As a basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or a data transfer there, Google uses so-called standard contractual clauses (= Article 46(2) and (3) GDPR). Standard contractual clauses (Standard Contractual Clauses – SCC) are templates provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when transferred and stored in third countries (such as the USA). By using these clauses, Google undertakes to comply with the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=en.

The Google Ads data processing terms (Google Ads Data Processing Terms), which also apply to Google Fonts, can be found at https://business.safety.google/adsprocessorterms/.

You can also read about what data Google collects and what it is used for at https://www.google.com/intl/en/policies/privacy/.

hCaptcha

We use the hCaptcha anti-bot service (hereinafter “hCaptcha”) on our website. This service is provided by Intuition Machines, Inc., a Delaware US Corporation (“IMI”). hCaptcha is used to check whether the data entered on our website (such as on a login page or contact form) has been entered by a human or by an automated program. To do this, hCaptcha analyzes the behavior of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website or app with hCaptcha enabled. For the analysis, hCaptcha evaluates various information (e.g., IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI. hCaptcha analysis in the “invisible mode” may take place completely in the background. Website or app visitors are not advised that such an analysis is taking place if the user is not shown a challenge. Data processing is based on Article 6(1)(f) of the GDPR (DSGVO): the website or mobile app operator has a legitimate interest in protecting its site from abusive automated crawling and spam. IMI acts as a “data processor” acting on behalf of its customers as defined under the GDPR, and a “service provider” for the purposes of the California Consumer Privacy Act (CCPA). For more information about hCaptcha and IMI’s privacy policy and terms of use, please visit the following links: https://www.hcaptcha.com/privacy and https://www.hcaptcha.com/terms.

All texts are copyrighted.

Source: Created with the Privacy Policy Generator by AdSimple