Privacy policy
We are pleased that you visit our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you here about which of your personal data we collect when you visit our website and for what purposes it is used.
This privacy policy applies to the online offer of ISM GmbH, which is accessible under the domain www.puma-safety.com as well as the various subdomains ("our website").
Who is responsible and how can I reach you?
Responsible for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)
ISM GmbH
Koggenweg 1
59557 Lippstadt
DE
+49 (0) 2941 / 7606 - 600
info@ism-europa.com
Data Protection Officer
AGAD Service GmbH
Waldring 43-47
44789 Bochum
DE
datenschutz@ism-europa.de
What is this about?
This privacy policy meets the legal requirements for transparency in the processing of personal data. This includes all information relating to an identified or identifiable natural person. Examples include information such as your name, age, address, phone number, date of birth, email address, IP address, or user behavior when visiting a website. Information for which we cannot establish a connection to you (or only with disproportionate effort), e.g., through anonymization, is not personal data. The processing of personal data (e.g., collection, querying, use, storage, or transmission) always requires a legal basis and a defined purpose.
Stored personal data is deleted as soon as the purpose of the processing has been achieved and there are no lawful reasons for further retention of the data. We inform you about the specific storage periods or criteria for storage in the individual processing operations. Regardless of this, we store your personal data in individual cases to assert, exercise, or defend legal claims and when there are statutory retention obligations.
Who receives my data?
We only share your personal data that we process on our website with third parties if this is necessary to fulfill the purposes and is covered by the legal basis (e.g., consent or legitimate interests) in individual cases. Furthermore, we share personal data with third parties in individual cases if this serves to assert, exercise, or defend legal claims. Possible recipients can then be, for example, law enforcement authorities, lawyers, auditors, courts, etc.
Insofar as we use service providers for the operation of our website who process personal data on our behalf within the scope of order processing according to Art. 28 GDPR, these may be recipients of your personal data. Further information on the use of processors and web services can be found in the overview of the individual processing operations.
Do you use cookies?
Cookies are small text files that are sent by us to the browser of your device during your visit to our websites and stored there. Alternatively to the use of cookies, information can also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies enable us to perform various analyses, so that, for example, we are able to recognize the browser you use when you visit our website again and transmit various information to us (non-necessary cookies).
With the help of cookies, we can make our online offer more user-friendly and effective for you, for example by tracking your use of our website and determining your preferred settings (e.g., country and language settings). If third parties process information via cookies, they collect the information directly through your browser. Cookies do not cause any damage to your device. They cannot run programs or contain viruses.
We inform about the respective services for which we use cookies in the individual processing operations. Detailed information about the cookies used can be found in the cookie settings or in the consent manager of this website.
What rights do I have?
Under the conditions of the legal provisions of the General Data Protection Regulation (GDPR), you as the data subject have the following rights:
Information according to Art. 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data;
Correction according to Art. 16 GDPR of incorrect or incomplete data stored with us;
- Deletion according to Art. 17 GDPR of the data stored with us, unless the processing is necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for asserting, exercising, or defending legal claims;
- Restriction of processing according to Art. 18 GDPR, insofar as the accuracy of the data is disputed, the processing is unlawful, we no longer need the data, and you refuse their deletion because you need them to assert, exercise, or defend legal claims or you have raised an objection to the processing according to Art. 21 GDPR.
- Data portability according to Art. 20 GDPR, insofar as you have provided us with personal data based on consent according to Art. 6 para. 1 lit. a GDPR or on the basis of a contract according to Art. 6 para. 1 lit. b GDPR and these were processed by us using automated procedures. You will receive your data in a structured, common, and machine-readable format or we will transmit the data directly to another controller, insofar as this is technically feasible.
- Objection according to Art. 21 GDPR against the processing of your personal data, insofar as this is based on Art. 6 para. 1 lit. e, f GDPR and there are reasons arising from your particular situation or the objection is directed against direct advertising. The right to object does not exist if overriding, compelling legitimate grounds for the processing are proven or the processing is carried out for the assertion, exercise, or defense of legal claims. Where the right to object does not exist for individual processing operations, this is indicated there.
- Revocation according to Art. 7 para. 3 GDPR of your given consent with effect for the future.
- Complaint according to Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace, or our company headquarters.
How are my data processed in detail?
Below we inform you about the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data, and the respective storage duration. Automated decision-making in individual cases, including profiling, does not take place.
Provision of the website
Type and Scope of Processing
When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- Website from which the access is made (referrer URL)
- Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider
Our website is not hosted by us but by a service provider who processes the aforementioned data on our behalf for this purpose according to Art. 28 GDPR.
Purpose and Legal Basis
The processing is carried out to protect our overriding legitimate interest in displaying our website and ensuring security and stability based on Art. 6 para. lit. f GDPR. The collection of data and storage in log files is essential for the operation of the website. There is no right to object to the processing due to the exception under Art. 21 para. 1 GDPR. If further storage of the log files is legally required, the processing is based on Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but accessing our website is technically not possible without providing the data.
Storage Duration
The aforementioned data is stored for the duration of the website display and, for technical reasons, for a maximum of 7 days thereafter.
Contact form
Type and Scope of Processing
On our website, we offer you the option to contact us via a provided form. The information collected through mandatory fields is necessary to process the inquiry. Additionally, you can voluntarily provide extra information that you consider necessary for handling the contact request.
When using the contact form, your personal data is not passed on to third parties.
Purpose and Legal Basis
The processing of your data through the use of our contact form is for the purpose of communication and handling your inquiry based on your consent according to Art. 6 para. 1 lit. a GDPR. If your inquiry relates to an existing contractual relationship with us, the processing is for the purpose of contract fulfillment based on Art. 6 para. 1 lit. b GDPR. There is no legal or contractual obligation to provide your data, but processing your inquiry is not possible without providing the information in the mandatory fields. If you do not wish to provide this data, please contact us by other means.
Storage Duration
If you use the contact form based on your consent, we store the data collected from each inquiry for a period of three years, starting from the completion of your inquiry or until you withdraw your consent.
If you use the contact form within the scope of a contractual relationship, we store the data collected from each inquiry for a period of three years from the end of the contractual relationship.
Newsletter
Type and Scope of Processing
If you register on our website to receive our newsletter, we collect your email address and optionally your name and store this information together with the date of registration and your IP address. Afterwards, you will receive an email in which you must confirm the newsletter registration within 72 hours (double opt-in).
An unconfirmed email address does not receive newsletters.
For sending the newsletter, we use a service from Klaviyo, Inc., which processes your personal data on our behalf according to Art. 28 GDPR. Your data will not be passed on to third parties.
Purpose and Legal Basis
We process your data for the purpose of sending the newsletter based on your consent according to Art. 6 para. 1 lit. a GDPR. By unsubscribing from the newsletter, you can revoke your consent at any time with effect for the future according to Art. 7 para. 3 GDPR. There is no legal or contractual obligation to provide your data, but sending the newsletter is not possible without providing your data.
Storage Duration
After successful confirmation, we store your data until you revoke your consent (unsubscribe from the newsletter) and for technical reasons for a maximum of 72 hours thereafter.
AWS S3
Type and Scope of Processing
We use AWS S3 to properly provide the content of our website. AWS S3 is a service of Amazon Web Services, Inc., which acts as a Content Delivery Network (CDN) on our website.
A CDN helps to deliver content from our online offer, especially files like graphics or scripts, faster with the help of regionally or internationally distributed servers. When you access this content, you connect to servers of Amazon Web Services, Inc., whereby your IP address and possibly browser data such as your user agent are transmitted. These data are processed exclusively for the purposes mentioned above and to maintain the security and functionality of AWS S3.
Purpose and Legal Basis
The use of the Content Delivery Network is based on our legitimate interests, i.e., interest in secure and efficient delivery as well as the optimization of our online offer according to Art. 6 para. 1 lit. f. GDPR.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out according to Art. 45 para. 1 GDPR based on the adequacy decision of the European Commission. The involved US companies and/or their US subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where no adequacy decision of the European Commission exists (including US companies not certified under the EU-U.S. DPF), we have agreed with the recipients of the data other suitable safeguards within the meaning of Arts. 44 ff. GDPR. These are - unless otherwise stated - standard contractual clauses of the EU Commission according to Implementing Decision (EU) 2021/914 of June 4, 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.
In addition, we obtain your consent for such third-country transfers according to Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant via the consent in the Consent Manager (or other forms, registrations, etc.). We point out that there may be unknown risks in detail with third-country transfers (e.g., data processing by security authorities of the third country, the exact scope and consequences for you of which we do not know, over which we have no influence, and of which you may not become aware).
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Amazon Web Services, Inc. Further information can be found in the privacy policy for AWS S3: https://aws.amazon.com/de/privacy/.
Pandectes
Pudisoo village, Männimäe/1, 74626, Kuusalu parish, Estonia
https://pandectes.io/privacy-policy/
Type and Scope of Processing
We have integrated Pandectes on our website. Pandectes is a
Consent solution that allows the consent for storing cookies to be obtained and documented. Pandectes uses cookies or other web technologies to recognize users and store the given or revoked consent.
Purpose and Legal Basis
The use of the service is based on obtaining the legally required consent for the use of cookies according to Art. 6 para. 1 lit. c GDPR and § 25 para. 2 no. 2 TDDDG.
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Pandectes. Further information can be found in the privacy policy for Pandectes: https://pandectes.io/privacy-policy/
Facebook Pixel
Type and Scope of Processing
We use Meta Pixel from Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, to create so-called Custom Audiences, i.e., to segment visitor groups of our online offer, determine conversion rates, and subsequently optimize them. This happens especially when you interact with advertisements we have placed with Meta Platforms Ireland Limited.
Purpose and Legal Basis
The use of Meta Pixel is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out according to Art. 45 para. 1 GDPR based on the adequacy decision of the European Commission. The involved US companies and/or their US subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where no adequacy decision of the European Commission exists (including US companies not certified under the EU-U.S. DPF), we have agreed with the recipients of the data other suitable safeguards within the meaning of Arts. 44 ff. GDPR. These are - unless otherwise stated - standard contractual clauses of the EU Commission according to Implementing Decision (EU) 2021/914 of June 4, 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.
In addition, we obtain your consent for such third-country transfers according to Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant via the consent in the Consent Manager (or other forms, registrations, etc.). We point out that there may be unknown risks in detail with third-country transfers (e.g., data processing by security authorities of the third country, the exact scope and consequences for you of which we do not know, over which we have no influence, and of which you may not become aware).
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Meta Platforms Ireland Limited. Further information can be found in the privacy policy for Meta Pixel: https://www.facebook.com/privacy/explanation.
Google Analytics
Type and Scope of Processing
We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analytics service for the statistical evaluation of our online offer. This includes, for example, the number of views of our online offer, visited subpages, and the duration of visitors' stays.
Google Analytics uses cookies and other browser technologies to analyze user behavior and recognize users.
This information is used, among other things, to compile reports on website activity.
Purpose and Legal Basis
The use of Google Analytics is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out according to Art. 45 para. 1 GDPR based on the adequacy decision of the European Commission. The involved US companies and/or their US subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where no adequacy decision of the European Commission exists (including US companies not certified under the EU-U.S. DPF), we have agreed with the recipients of the data other suitable safeguards within the meaning of Arts. 44 ff. GDPR. These are - unless otherwise stated - standard contractual clauses of the EU Commission according to Implementing Decision (EU) 2021/914 of June 4, 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.
In addition, we obtain your consent for such third-country transfers according to Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant via the consent in the Consent Manager (or other forms, registrations, etc.). We point out that there may be unknown risks in detail with third-country transfers (e.g., data processing by security authorities of the third country, the exact scope and consequences for you of which we do not know, over which we have no influence, and of which you may not become aware).
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Analytics: https://policies.google.com/privacy.
Google Maps
Type and Scope of Processing
We use the Google Maps service to create directions. Google Maps is a service of Google Ireland Limited, which displays a map on our website.
When you access this content on our website, you connect to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, transmitting your IP address and possibly browser data such as your user agent. These data are processed exclusively for the purposes mentioned above and to maintain the security and functionality of Google Maps.
Purpose and Legal Basis
The use of Google Maps is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out according to Art. 45 para. 1 GDPR based on the adequacy decision of the European Commission. The involved US companies and/or their US subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where no adequacy decision of the European Commission exists (including US companies not certified under the EU-U.S. DPF), we have agreed with the recipients of the data other suitable safeguards within the meaning of Arts. 44 ff. GDPR. These are - unless otherwise stated - standard contractual clauses of the EU Commission according to Implementing Decision (EU) 2021/914 of June 4, 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.
In addition, we obtain your consent for such third-country transfers according to Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant via the consent in the Consent Manager (or other forms, registrations, etc.). We point out that there may be unknown risks in detail with third-country transfers (e.g., data processing by security authorities of the third country, the exact scope and consequences for you of which we do not know, over which we have no influence, and of which you may not become aware).
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Maps: https://policies.google.com/privacy.
Google Tag Manager
Type and Scope of Processing
We use Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags via an interface and allows us to control the precise integration of services on our website.
This allows us to flexibly integrate additional services to analyze user access to our website.
Purpose and Legal Basis
The use of Google Tag Manager is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out according to Art. 45 para. 1 GDPR based on the adequacy decision of the European Commission. The involved US companies and/or their US subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where no adequacy decision of the European Commission exists (including US companies not certified under the EU-U.S. DPF), we have agreed with the recipients of the data other suitable safeguards within the meaning of Arts. 44 ff. GDPR. These are - unless otherwise stated - standard contractual clauses of the EU Commission according to Implementing Decision (EU) 2021/914 of June 4, 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.
In addition, we obtain your consent for such third-country transfers according to Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant via the consent in the Consent Manager (or other forms, registrations, etc.). We point out that there may be unknown risks in detail with third-country transfers (e.g., data processing by security authorities of the third country, the exact scope and consequences for you of which we do not know, over which we have no influence, and of which you may not become aware).
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Tag Manager: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.
Google Ads
Type and Scope of Processing
We have integrated Google Ads on our website. Google Ads is a service from Google Ireland Limited to display targeted advertising to users. Google Ads uses cookies and other browser technologies to analyze user behavior and recognize users.
Google Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. Furthermore, Google Ads delivers targeted advertising based on behavioral profiles and geographic location. Your IP address and other identification features such as your user agent are transmitted to the provider.
If you are registered with a Google Ireland Limited service, Google Ads can assign the visit to your account. Even if you are not registered with Google Ireland Limited or have not logged in, it is possible that the provider identifies and stores your IP address and other identification features.
In this case, your data is passed on to the operator of Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Purpose and Legal Basis
The use of Google Ads is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out according to Art. 45 para. 1 GDPR based on the adequacy decision of the European Commission. The involved US companies and/or their US subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where no adequacy decision of the European Commission exists (including US companies not certified under the EU-U.S. DPF), we have agreed with the recipients of the data other suitable safeguards within the meaning of Arts. 44 ff. GDPR. These are - unless otherwise stated - standard contractual clauses of the EU Commission according to Implementing Decision (EU) 2021/914 of June 4, 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.
In addition, we obtain your consent for such third-country transfers according to Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant via the consent in the Consent Manager (or other forms, registrations, etc.). We point out that there may be unknown risks in detail with third-country transfers (e.g., data processing by security authorities of the third country, the exact scope and consequences for you of which we do not know, over which we have no influence, and of which you may not become aware).
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Ads: https://policies.google.com/privacy.
Trusted Shops Widget
Type and Scope of Processing
We have integrated components of Trusted Shops Widget on our website. Trusted Shops Widget is a review service that allows users to rate our services. If you rate our services, data about the service used may be transmitted to Trusted Shops GmbH to verify authenticity. Trusted Shops Widget allows us to obtain content such as reviews directly from Trusted Shops GmbH and display them on our website. For this purpose, your current IP address is usually transmitted to the service.
Furthermore, Trusted Shops Widget stores information using cookies to find out which online offers have been visited. In this case, your data is passed on to the operator of Trusted Shops Widget, Trusted Shops GmbH, Subbelrather Straße 15c, 50823 Cologne.
Purpose and Legal Basis
The use of Trusted Shops Widget is based on Art. 6 para. 1 lit. f GDPR, to inform users about the quality of our services. If the user consents to the processing of their data, the legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Trusted Shops GmbH. Further information can be found in the privacy policy for Trusted Shops Widget: https://business.trustedshops.de/impressum#datenschutz.
Shopify CDN
Type and Scope of Processing
We use Shopify CDN to properly deliver the content of our website. Shopify CDN is a service of Shopify, Inc., which acts as a Content Delivery Network (CDN) on our website to ensure the functionality of other services of Shopify, Inc. You will find a separate section in this privacy policy for these services. This section only concerns the use of the CDN.
A CDN helps to deliver content from our online offering, especially files like graphics or scripts, faster by using servers distributed regionally or internationally. When you access this content, you connect to servers of Shopify, Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada, whereby your IP address and possibly browser data such as your user agent are transmitted. These data are processed exclusively for the purposes mentioned above and to maintain the security and functionality of Shopify CDN.
Purpose and Legal Basis
The use of the Content Delivery Network is based on our legitimate interests, i.e., interest in secure and efficient delivery as well as the optimization of our online offer according to Art. 6 para. 1 lit. f. GDPR.
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Shopify, Inc. Further information can be found in the privacy policy for Shopify CDN: https://www.shopify.com/legal/privacy.
Hotjar Behavior Analytics
Type and Scope of Processing
We have integrated Hotjar on our website. Hotjar is a service of Hotjar Ltd. and offers optimization tools that analyze the behavior and feedback of users of our website through analysis and feedback tools.
Hotjar uses cookies and other browser technologies to analyze user behavior and recognize users.
This information is used, among other things, to compile reports about website activity and to statistically evaluate visitor data. Furthermore, Hotjar records clicks, mouse movements, and scroll depths to create so-called heatmaps and session replays.
In this case, your data is passed on to the operator of Hotjar, Hotjar Ltd., Hotjar Ltd, Level 2, St Julians Business Centre 3 Elia Zammit Street St Julians STJ 3155 Malta.
Purpose and Legal Basis
The use of Hotjar is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Hotjar Ltd. Further information can be found in the privacy policy for Hotjar: https://www.hotjar.com/privacy/.
Hotjar CDN
Type and Scope of Processing
We use Hotjar CDN to properly deliver the content of our website. Hotjar CDN is a service of Hotjar Ltd., which acts as a Content Delivery Network (CDN) on our website to ensure the functionality of other services of Hotjar Ltd. You will find a separate section in this privacy policy for these services. This section only concerns the use of the CDN.
A CDN helps to deliver content from our online offering, especially files like graphics or scripts, faster by using servers distributed regionally or internationally. When you access this content, you connect to servers of Hotjar Ltd., Hotjar Ltd, Level 2, St Julians Business Centre 3 Elia Zammit Street St Julians STJ 3155 Malta, whereby your IP address and possibly browser data such as your user agent are transmitted. These data are processed exclusively for the purposes mentioned above and to maintain the security and functionality of Hotjar CDN.
Purpose and Legal Basis
The use of the Content Delivery Network is based on our legitimate interests, i.e., interest in secure and efficient delivery as well as the optimization of our online offer according to Art. 6 para. 1 lit. f. GDPR.
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Hotjar Ltd. Further information can be found in the privacy policy for Hotjar CDN: https://www.hotjar.com/privacy/.
Zendesk CDN
Type and Scope of Processing
We use Zendesk CDN to properly provide the content of our website. Zendesk CDN is a service of Zendesk, Inc., which acts as a Content Delivery Network (CDN) on our website to ensure the functionality of other services of Zendesk, Inc. A separate section in this privacy policy covers these services. This section only concerns the use of the CDN.
A CDN helps to provide content from our online offer, especially files such as graphics or scripts, faster with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Zendesk, Inc., 989 Market Street #300, San Francisco, CA 94102, whereby your IP address and possibly browser data such as your user agent are transmitted. These data are processed exclusively for the purposes mentioned above and to maintain the security and functionality of Zendesk CDN.
Purpose and Legal Basis
The use of the Content Delivery Network is based on our legitimate interests, i.e., interest in secure and efficient delivery as well as the optimization of our online offer according to Art. 6 para. 1 lit. f. GDPR.
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Zendesk, Inc. Further information can be found in the privacy policy for Zendesk CDN: https://zendesk.com/company/customers-partners/privacy-policy/.
Facebook CDN (Meta)
Type and Scope of Processing
We use Facebook CDN to properly provide the content of our website. Facebook CDN is a service of Meta Platforms Ireland Limited, which acts as a Content Delivery Network (CDN) on our website.
A CDN helps to provide content from our online offer, especially files such as graphics or scripts, faster with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. These data are processed exclusively for the purposes mentioned above and to maintain the security and functionality of Facebook CDN.
Purpose and Legal Basis
The use of the Content Delivery Network is based on our legitimate interests, i.e., interest in secure and efficient delivery as well as the optimization of our online offer according to Art. 6 para. 1 lit. f. GDPR.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out according to Art. 45 para. 1 GDPR based on the adequacy decision of the European Commission. The involved US companies and/or their US subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where no adequacy decision of the European Commission exists (including US companies not certified under the EU-U.S. DPF), we have agreed with the recipients of the data other suitable safeguards within the meaning of Arts. 44 ff. GDPR. These are - unless otherwise stated - standard contractual clauses of the EU Commission according to Implementing Decision (EU) 2021/914 of June 4, 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.
In addition, we obtain your consent for such third-country transfers according to Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant via the consent in the Consent Manager (or other forms, registrations, etc.). We point out that there may be unknown risks in detail with third-country transfers (e.g., data processing by security authorities of the third country, the exact scope and consequences for you of which we do not know, over which we have no influence, and of which you may not become aware).
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Meta Platforms Ireland Limited. Further information can be found in the privacy policy for Facebook CDN: https://www.facebook.com/privacy/explanation.
Instagram CDN
Type and Scope of Processing
We use Instagram CDN to properly deliver the content of our website. Instagram CDN is a service of Meta Platforms Ireland Limited, which acts as a Content Delivery Network (CDN) on our website.
A CDN helps to provide content from our online offer, especially files such as graphics or scripts, faster with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. These data are processed exclusively for the purposes mentioned above and to maintain the security and functionality of Instagram CDN.
Purpose and Legal Basis
The use of the Content Delivery Network is based on our legitimate interests, i.e., interest in secure and efficient delivery as well as the optimization of our online offer according to Art. 6 para. 1 lit. f. GDPR.
Storage Duration
The specific storage duration of the processed data is not influenced by us but is determined by Meta Platforms Ireland Limited. Further information can be found in the privacy policy for Instagram CDN: https://help.instagram.com/519522125107875.