data protection

Data protection

We have drawn up this privacy policy (version 29.09.2020-311217160) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679, what information we collect, how we use data and what choices you have as a visitor to this website.

Unfortunately, it is in the nature of things that these explanations sound very technical, but we have endeavoured to describe the most important points as simply and clearly as possible.

Automatic data storage

When you visit websites today, certain information is automatically created and stored, including on this website.

When you visit our website as you are doing now, our web server (the computer on which this website is stored) automatically stores data such as

• the address (URL) of the website accessed
• browser and browser version
• the operating system used
• the address (URL) of the previously visited page (referrer URL)
• the host name and IP address of the device from which you are accessing the website
• Date and time

in files (web server log files).

Web server log files are usually stored for two weeks and then automatically deleted. We do not pass on this data, but cannot rule out the possibility that it may be viewed in the event of illegal behaviour.

Cookies

Our website uses HTTP cookies to store user-specific data.
Below, we explain what cookies are and why they are used so that you can better understand the following privacy policy.

What exactly are cookies?

Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: cookies are really useful little helpers. Almost all websites use cookies. More specifically, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, which is essentially the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to cookies, our website knows who you are and offers you your usual default settings. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programmes and do not contain viruses, Trojans or other "malware". Cookies cannot access information on your PC.

Cookie data may look like this, for example:

• Name: _ga
• Expiration time: 2 years
• Use: Distinguishing between website visitors
• Example value: GA1.2.1326744211.152311217160

A browser should support the following minimum sizes:

• A cookie should be able to contain at least 4096 bytes
• At least 50 cookies should be able to be stored per domain
• A total of at least 3000 cookies should be able to be stored

What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.

There are four types of cookies:

Strictly necessary cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user adds a product to their shopping basket, then continues to browse other pages and only proceeds to checkout later. These cookies ensure that the shopping basket is not deleted, even if the user closes their browser window.

Functional cookies
These cookies collect information about user behaviour and whether the user receives any error messages. These cookies are also used to measure the loading time and behaviour of the website in different browsers.

Targeted cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are stored.

Advertising cookies
These cookies are also known as targeting cookies. They are used to deliver personalised advertising to the user. This can be very practical, but also very annoying.

Usually, when you visit a website for the first time, you are asked which of these cookie types you would like to allow. And, of course, this decision is also stored in a cookie.

How can I delete cookies?

You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option to delete cookies, allow them only partially or deactivate them. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, or if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you do not want to have any cookies at all, you can set your browser to always inform you when a cookie is about to be set. This allows you to decide whether or not to allow each individual cookie. The procedure varies depending on the browser. The best thing to do is to search for instructions in Google using the search term "delete cookies Chrome" or "disable cookies Chrome" in the case of a Chrome browser, or replace the word "Chrome" with the name of your browser, e.g. Edge, Firefox, Safari.

What about my data protection?

The so-called "cookie guidelines" have been in place since 2009. These stipulate that the storage of cookies requires your consent. However, there are still very different reactions to these guidelines within EU countries. In the United Kingdom, the cookie guidelines have not been implemented as national law. Instead, this guideline has largely been implemented in Section 15(3) of the Telemedia Act (TMG).

If you would like to know more about cookies and are not afraid of technical documentation, we recommendhttps://tools.ietf.org/html/rfc6265, the Request for Comments from the Internet Engineering Task Force (IETF) entitled "HTTP State Management Mechanism".

Storage of personal data

Personal data that you transmit to us electronically on this website, such as your name, email address, address or other personal information in the context of submitting a form or comments on the blog, will be used by us together with the time and IP address only for the specified purpose, stored securely and not passed on to third parties.

We therefore only use your personal data to communicate with visitors who expressly wish to be contacted and to process the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out the possibility that this data may be accessed in the event of unlawful behaviour.

If you send us personal data by e-mail – i.e. outside this website – we cannot guarantee the secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by e-mail.

The legal basis, in accordance with Article 6(1)(a) of the GDPR (lawfulness of processing), is that you give us your consent to process the data you have entered. You can revoke this consent at any time – an informal email is sufficient; you will find our contact details in the legal notice.

Registration for events

On our website, you have the option of registering for events via a contact form. Personal data (such as your name, contact details, etc.) that you provide to us when registering for an event will be collected by us for the purpose of organising and running the event. It is possible that your data may be passed on to co-organisers.

The data collected will only be used for the purpose of event planning and implementation and will be deleted once the purpose (implementation of the respective event) has been achieved. We only process data from you that is necessary for the organisation and implementation of the respective event.

The lawfulness of the processing is based on the consent you have given, Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future. To revoke your consent, simply send an informal email to the contact address in our legal notice. Please note that the revocation of consent does not affect the lawfulness of the processing operations that have already taken place up to the point of revocation.

Rights under the General Data Protection Regulation

According to the provisions of the GDPR, you are generally entitled to the following rights:

• Right to rectification (Article 16 GDPR)
• Right to erasure ("right to be forgotten") (Article 17 GDPR)
• Right to restriction of processing (Article 18 GDPR)
• Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
• Right to data portability (Article 20 GDPR)
• Right to object (Article 21 GDPR)
• Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)

If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).

Google Maps privacy policy

We use Google Maps from Google Inc. on our website. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Maps allows us to show you locations more effectively and thus tailor our service to your needs. When you use Google Maps, data is transferred to Google and stored on Google's servers. Here we would like to explain in more detail what Google Maps is, why we use this Google service, what data is stored and how you can prevent this.

What is Google Maps?

Google Maps is an internet map service provided by Google. With Google Maps, you can search for the exact locations of cities, landmarks, accommodation or businesses online via a PC, tablet or app. If businesses are listed on Google My Business, additional information about the company is displayed alongside the location. To show how to get there, map sections of a location can be embedded in a website using HTML code. Google Maps shows the Earth's surface as a road map or as an aerial or satellite image. Thanks to Street View images and high-quality satellite images, very accurate representations are possible.

Why do we use Google Maps on our website?

All our efforts on this page are aimed at providing you with a useful and meaningful experience on our website. By integrating Google Maps, we can provide you with the most important information about various locations. You can see at a glance where our company is based. The directions always show you the best or fastest way to get to us. You can call up directions for routes by car, public transport, on foot or by bicycle. For us, providing Google Maps is part of our customer service.

What data is stored by Google Maps?

In order for Google Maps to offer its full range of services, the company must collect and store data from you. This includes the search terms you enter, your IP address and your latitude and longitude coordinates. If you use the route planner function, the start address you enter is also stored. However, this data is stored on the Google Maps website. We can only inform you about this, but we cannot influence it. Since we have integrated Google Maps into our website, Google sets at least one cookie (name: NID) in your browser. This cookie stores data about your user behaviour. Google primarily uses this data to optimise its own services and to provide you with individual, personalised advertising.

The following cookie is set in your browser due to the integration of Google Maps:

Name: NID
Value: 188=h26c1Ktha7fCQTx8rXgLyATyITJ311217160-5
Purpose: NID is used by Google to tailor advertisements to your Google search. With the help of the cookie, Google "remembers" your most frequently entered search queries or your previous interaction with advertisements. This ensures that you always receive tailor-made advertisements. The cookie contains a unique ID that Google uses to collect your personal settings for advertising purposes.
Expiry date: after 6 months

Note: We cannot guarantee that the information provided about the stored data is complete. Changes can never be ruled out, especially when using cookies. In order to identify the NID cookie, a separate test page was created that only included Google Maps.

How long and where is the data stored?

Google's servers are located in data centres around the world. However, most servers are located in America. For this reason, your data is increasingly stored in the USA. You can find out exactly where Google's data centres are located here: https://www.google.com/about/datacenters/inside/locations/?hl=de

Google distributes the data across various data carriers. This makes the data more quickly accessible and better protected against any attempts at manipulation. Each data centre also has special emergency programmes. For example, if there are problems with Google's hardware or a natural disaster paralyses the servers, the data remains fairly secure and protected.

Google stores some data for a specified period of time. For other data, Google only offers the option of deleting it manually. The company also anonymises information (such as advertising data) in server logs by deleting part of the IP address and cookie information after 9 or 18 months.

How can I delete my data or prevent data storage?

With the automatic deletion function for location and activity data introduced in 2019, information about location and web/app activity is stored for either 3 or 18 months, depending on your decision, and then deleted. You can also manually delete this data from your history at any time via your Google Account. If you want to completely prevent your location from being tracked, you must pause the "Web & App Activity" section in your Google Account. Click on "Data & personalisation" and then on the "Activity settings" option. Here you can turn activities on or off.

You can also disable, delete or manage individual cookies in your browser. Depending on which browser you use, this works slightly differently. The following instructions show you how to manage cookies in your browser:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Deleting and managing cookies

If you do not want cookies at all, you can set your browser to always inform you when a cookie is about to be set. This allows you to decide whether to allow each individual cookie or not.

Google is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. For more information, please visit https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI. If you would like to learn more about Google's data processing, we recommend that you read the company's own privacy policy at https://policies.google.com/privacy?hl=de.

Google Fonts Privacy Policy

We use Google Fonts on our website. These are the "Google fonts" from Google Inc. For the European area, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

You do not need to register or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you do not need to worry that your Google account data will be transmitted to Google when using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at exactly how data storage works.

What are Google Fonts?

Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts thatGooglemakes available to its users free of charge.

Many of these fonts are published under the SIL Open Font License, while others are published under the Apache License. Both are free software licences.

Why do we use Google Fonts on our website?

With Google Fonts, we can use fonts on our own website without having to upload them to our own server. Google Fonts is an important component in maintaining the high quality of our website. All Google fonts are automatically optimised for the web, which saves data volume and is a great advantage, especially for use with mobile devices. When you visit our site, the low file size ensures fast loading times. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can sometimes distort text or entire web pages visually. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform issues with Google Fonts. Google Fonts supports all popular browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We use Google Fonts so that we can present our entire online service as beautifully and uniformly as possible.

What data is stored by Google?

When you visit our website, the fonts are downloaded via a Google server. This external call transmits data to the Google servers. This also allows Google to recognise that you or your IP address is visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end user data to what is necessary for the proper provision of fonts. API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software sector.

Google Fonts securely stores CSS and font requests at Google and is therefore protected. The usage figures collected enable Google to determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the Google Fonts BigQuery database. Entrepreneurs and developers use the Google web service BigQuery to examine and move large amounts of data.

However, it should be noted that every Google Font request automatically transmits information such as language settings, IP address, browser version, browser screen resolution and browser name to Google's servers. It is not clear whether this data is also stored, nor is this clearly communicated by Google.

How long and where is the data stored?

Google stores requests for CSS assets on its servers, which are mainly located outside the EU, for one day. This allows us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to quickly and easily change the design or font of a website, for example.

The font files are stored by Google for one year. Google's goal is to improve the loading time of websites. When millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Google sometimes updates font files to reduce file size, increase language coverage and improve design.

How can I delete my data or prevent data storage?

Data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To delete this data prematurely, you must contact Google Support at https://support.google.com/?hl=de&tid=311217160. In this case, you can only prevent data storage by not visiting our site.

Unlike other web fonts, Google gives us unrestricted access to all fonts. This means we have unlimited access to a sea of fonts, allowing us to get the most out of our website. You can find more information about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=311217160. Although Google addresses data protection issues there, it does not provide detailed information about data storage. It is relatively difficult to obtain precise information from Google about stored data.

You can also read about what data Google collects and what this data is used for at https://www.google.com/intl/de/policies/privacy/.

Embedded social media elements Privacy policy

We embed elements from social media services on our website to display images, videos and text.
When you visit pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We have no access to this data.
The following links will take you to the pages of the respective social media services where you can find out how they handle your data:

• Instagram privacy policy: https://help.instagram.com/519522125107875
• The Google Privacy Policy applies to YouTube: https://policies.google.com/privacy?hl=de
• Facebook Data Policy:https://www.facebook.com/about/privacy
• Twitter Privacy Policy:https://twitter.com/de/privacy

Facebook Privacy Policy

We use selected Facebook tools on our website. Facebook is a social media network owned by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. These tools enable us to offer you and other people interested in our products and services the best possible experience. Below is an overview of the various Facebook tools, what data is sent to Facebook and how you can delete this data.

What are Facebook tools?

Among many other products, Facebook also offers what it calls "Facebook Business Tools". This is the official name used by Facebook. However, as this term is not widely known, we have decided to simply refer to them as Facebook tools. These include, among others:

• Facebook pixels
• Social plug-ins (such as the "Like" or "Share" button)
• Facebook Login
• Account Kit
• APIs (application programming interfaces)
• SDKs (collection of programming tools)
• Platform integrations
• Plugins
• Codes
• Specifications
• Documentation
• Technologies and services

These tools enable Facebook to expand its services and obtain information about user activities outside of Facebook.

Why do we use Facebook tools on our website?

We only want to show our services and products to people who are genuinely interested in them. With the help of advertisements (Facebook Ads), we can reach exactly these people. However, in order to show users relevant advertisements, Facebook needs information about people's wishes and needs. This provides the company with information about user behaviour (and contact details) on our website. This enables Facebook to collect better user data and show interested people relevant advertisements about our products and services. The tools thus enable tailor-made advertising campaigns on Facebook.

Facebook refers to data about your behaviour on our website as "event data". This data is also used for measurement and analysis services. Facebook can thus create "campaign reports" on our behalf about the effectiveness of our advertising campaigns. Furthermore, analyses give us better insight into how you use our services, website or products. This allows us to optimise your user experience on our website with some of these tools. For example, you can use the social plug-ins to share content on our site directly on Facebook.

What data is stored by Facebook tools?

When you use individual Facebook tools, personal data (customer data) may be sent to Facebook. Depending on the tools used, customer data such as name, address, telephone number and IP address may be sent.

Facebook uses this information to compare the data with the data it already has about you (if you are a Facebook member). Before customer data is transmitted to Facebook, it undergoes a process known as "hashing". This means that a data record of any size is transformed into a character string. This also serves to encrypt data.

In addition to contact details, "event data" is also transmitted. "Event data" refers to the information we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless the company has explicit permission or is legally obliged to do so. "Event data" can also be linked to contact details. This enables Facebook to offer better personalised advertising. After the aforementioned matching process, Facebook deletes the contact details again.

In order to deliver optimised advertisements, Facebook only uses event data if it has been combined with other data (collected by Facebook in other ways). Facebook also uses this event data for security, protection, development and research purposes. Much of this data is transferred to Facebook via cookies. Cookies are small text files that are used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, different numbers of cookies are created in your browser. We go into more detail about individual Facebook cookies in the descriptions of the individual Facebook tools. You can also find general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies.

How long and where is the data stored?

Facebook generally stores data until it is no longer needed for its own services and Facebook products. Facebook has servers located around the world where your data is stored. However, customer data is deleted within 48 hours after it has been matched with your own user data.

How can I delete my data or prevent data storage?

In accordance with the General Data Protection Regulation, you have the right to access, correct, transfer and delete your data.

Complete deletion of your data will only occur if you delete your Facebook account entirely. Here's how to delete your Facebook account:

1) Click on Settings on the right-hand side of Facebook.

2) Then click on "Your Facebook Information" in the left-hand column.

3) Now click on 'Deactivation and deletion'.

4) Now select "Delete Account" and then click on "Continue and Delete Account".

5) Enter your password, click on "Continue" and then on "Delete Account".

The data that Facebook receives via our site is stored using cookies (e.g. for social plugins). You can deactivate, delete or manage individual or all cookies in your browser. Depending on which browser you use, this works in different ways. The following instructions show you how to manage cookies in your browser:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Deleting and managing cookies

If you do not want to have cookies at all, you can set your browser to always inform you when a cookie is about to be set. This allows you to decide whether or not to allow each individual cookie.

Facebook is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. For more information, please visit https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC. We hope we have provided you with the most important information about the use and data processing by Facebook tools. If you would like to learn more about how Facebook uses your data, we recommend that you read the data policy at https://www.facebook.com/about/privacy/update.

Facebook social plug-ins privacy policy

Our website incorporates social plug-ins from Facebook Inc. You can recognise these buttons by the classic Facebook logo, such as the "Like" button (the hand with a raised thumb) or a clear "Facebook plug-in" label. A social plug-in is a small part of Facebook that is integrated into our site. Each plug-in has its own function. The most commonly used functions are the familiar "Like" and "Share" buttons.

Facebook offers the following social plug-ins:

• "Save" button
• "Like" button, share, send and quote
• Page plug-in
• Comments
• Messenger plug-in
• Embedded posts and video player
• Group plug-in

You can find more information on how to use the individual plug-ins at https://developers.facebook.com/docs/plugins. We use social plug-ins to provide you with a better user experience on our site and to enable Facebook to optimise our advertisements.

If you have a Facebook account or have visited facebook.com before, Facebook has already set at least one cookie in your browser. In this case, your browser sends information to Facebook via this cookie as soon as you visit our site or interact with social plug-ins (e.g. the "Like" button).

The information received is deleted or anonymised within 90 days. According to Facebook, this data includes your IP address, the website you visited, the date, the time and other information relating to your browser.

To prevent Facebook from collecting a lot of data during your visit to our website and linking it to Facebook data, you must log out of Facebook while visiting the website.

If you are not logged in to Facebook or do not have a Facebook account, your browser will send less information to Facebook because you have fewer Facebook cookies. Nevertheless, data such as your IP address or which website you visit may be transmitted to Facebook. We would like to expressly point out that we do not know the exact content of the data. However, we try to inform you as best we can about data processing based on our current knowledge. You can also read about how Facebook uses data in the company's data policy at https://www.facebook.com/about/privacy/update.

The following cookies are set in your browser at a minimum when you visit a website with social plug-ins from Facebook:

Name: dpr
Value: not specified
Purpose: This cookie is used to enable the social plug-ins on our website to function.
Expiry date: after the end of the session

Name: fr
Value: 0jieyh4311217160c2GnlufEJ9..Bde09j…1.0.Bde09j
Purpose:This cookie is also necessary for the plug-ins to function properly.
Expiry date:after 3 months

Note: These cookies were set after a test, even if you are not a Facebook member.

If you are logged in to Facebook, you can change your advertising settings yourself at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.If you are not a Facebook user, you can manage your usage-based online advertising at http://www.youronlinechoices.com/de/praferenzmanagement/grundsätzlich. There you have the option of deactivating or activating providers.

If you would like to learn more about Facebook's data protection, we recommend that you read the company's own data protection policy at https://www.facebook.com/policy.php.

Instagram privacy policy

We have integrated Instagram features into our website. Instagram is a social media platform owned by Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Facebook Inc. since 2012 and is one of Facebook's products. The embedding of Instagram content on our website is called embedding. This allows us to show you content such as buttons, photos or videos from Instagram directly on our website. When you visit pages on our website that have an Instagram feature integrated, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data is therefore processed across all Facebook companies.

Below, we would like to give you a more detailed insight into why Instagram collects data, what data is involved and how you can largely control data processing. As Instagram belongs to Facebook Inc., we obtain our information from the Instagram guidelines on the one hand, but also from the Facebook data guidelines themselves on the other.

What is Instagram?

Instagram is one of the most popular social media networks worldwide. Instagram combines the advantages of a blog with the advantages of audiovisual platforms such as YouTube or Vimeo. On "Insta" (as many users casually call the platform), you can upload photos and short videos, edit them with various filters, and share them on other social networks. And if you don't want to be active yourself, you can just follow other interesting users.

Why do we use Instagram on our website?

Instagram is the social media platform that has really taken off in recent years. And, of course, we have also responded to this boom. We want you to feel as comfortable as possible on our website. That's why it goes without saying that we want to present our content in a varied way. The embedded Instagram features allow us to enrich our content with helpful, funny or exciting content from the Instagram world. Since Instagram is a subsidiary of Facebook, the data collected can also be used for personalised advertising on Facebook. This means that our ads are only shown to people who are genuinely interested in our products or services.

Instagram also uses the collected data for measurement and analysis purposes. We receive summarised statistics, giving us more insight into your wishes and interests. It is important to note that these reports do not identify you personally.

What data is stored by Instagram?

When you visit one of our pages that has Instagram features (such as Instagram images or plug-ins), your browser automatically connects to Instagram's servers. Data is sent to Instagram, stored and processed, regardless of whether you have an Instagram account or not. This includes information about our website, your computer, purchases made, advertisements you see and how you use our services. The date and time of your interaction with Instagram is also stored. If you have an Instagram account or are logged in, Instagram stores significantly more data about you.

Facebook distinguishes between customer data and event data. We assume that this is also the case with Instagram. Customer data includes, for example, name, address, telephone number and IP address. It is important to note that this customer data is only transmitted to Instagram after it has been "hashed". Hashing means that a data record is converted into a character string. This allows the contact details to be encrypted. In addition, the above-mentioned "event data" is also transmitted. Facebook – and consequently Instagram – defines "event data" as data about your user behaviour. Contact data may also be combined with event data. The contact data collected is compared with the data that Instagram already has about you.

The collected data is transmitted to Facebook via small text files (cookies), which are usually set in your browser. Depending on the Instagram features you use and whether you have an Instagram account yourself, different amounts of data are stored.

We assume that data processing on Instagram works in the same way as on Facebook. This means that if you have an Instagram account or have visited www.instagram.com, Instagram has at least set a cookie. If this is the case, your browser sends information to Instagram via the cookie as soon as you come into contact with an Instagram function. After 90 days at the latest (after reconciliation), this data is deleted or anonymised. Although we have looked closely at Instagram's data processing, we cannot say exactly what data Instagram collects and stores.

Below, we show you the cookies that are set in your browser at a minimum when you click on an Instagram feature (such as a button or an Insta image). In our test, we assume that you do not have an Instagram account. If you are logged into Instagram, significantly more cookies will of course be set in your browser.

These cookies were used in our test:

Name: csrftoken
Value: " "
Purpose: Thiscookie is most likely set for security reasons to prevent fake requests. However, we were unable to find out more specific details.
Expiry date: after one year

Name: mid
Value: " "
Purpose: Instagram sets this cookie to optimise its own services and offers both within and outside of Instagram. The cookie assigns a unique user ID.
Expiry date: after the end of the session

Name: fbsr_311217160124024
Value: no information
Purpose: Thiscookie stores the log-in request for users of the Instagram app. 
Expiry date: after the end of the session

Name: rur
Value: ATN
Purpose: This is an Instagram cookie that ensures functionality on Instagram.
Expiry date: after the end of the session

Name: urlgen
Value: " {\"194.96.75.33": 1901}:1iEtYv:Y833k2_UjKvXgYe311217160"
Purpose: This cookie is used for Instagram's marketing purposes.
Expiry date: after the end of the session

Note: We cannot claim to be exhaustive here. Which cookies are set in each individual case depends on the embedded functions and your use of Instagram.

How long and where is the data stored?

Instagram shares the information it receives with external partners and with people you connect with worldwide. Data processing is carried out in accordance with its own data policy. For security reasons, among others, your data is distributed across Facebook servers around the world. Most of these servers are located in the United States.

How can I delete my data or prevent data storage?

Thanks to the General Data Protection Regulation, you have the right to access, transfer, correct and delete your data. You can manage your data in the Instagram settings. If you want to completely delete your data on Instagram, you must permanently delete your Instagram account.

Here's how to delete your Instagram account:

First, open the Instagram app. On your profile page, scroll down and click on "Help Centre". You will now be taken to the company's website. On the website, click on "Manage your account" and then on "Delete your account".

When you delete your account completely, Instagram deletes posts such as your photos and status updates. Information that other people have shared about you does not belong to your account and will therefore not be deleted.

As mentioned above, Instagram primarily stores your data via cookies. You can manage, deactivate or delete these cookies in your browser. Depending on your browser, the management works a little differently. Here we show you the instructions for the most important browsers.

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

You can also set your browser to always notify you when a cookie is about to be set. This allows you to decide individually whether you want to accept the cookie or not.

Instagram is a subsidiary of Facebook Inc. and Facebook is an active participant in the EU-U.S. Privacy Shield Framework. This framework ensures the correct transfer of data between the USA and the European Union. Youcan find outmore about this athttps://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC.We have tried to provide you with the most important information about data processing by Instagram. At https://help.instagram.com/519522125107875 
you can find out more about Instagram's data policy.

YouTube Privacy Policy

We have embedded YouTube videos on our website. This allows us to present interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page on our website that has a YouTube video embedded in it, your browser automatically connects to the YouTube or Google servers. Various data is transferred (depending on your settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in the European area.

Below, we explain in more detail what data is processed, why we have embedded YouTube videos and how you can manage or delete your data.

What is YouTube?

On YouTube, users can watch, rate, comment on and upload videos free of charge. Over the last few years, YouTube has become one of the most important social media channels worldwide. YouTube provides a code snippet that we have incorporated into our website so that we can display videos on our website.

Why do we use YouTube videos on our website?

YouTube is the video platform with the most visitors and the best content. We strive to offer you the best possible user experience on our website. And, of course, interesting videos are a must. With the help of our embedded videos, we provide you with additional helpful content alongside our texts and images. In addition, our website is easier to find on the Google search engine thanks to the embedded videos. Even when we place advertisements via Google Ads, Google can only show these ads to people who are interested in our offers, thanks to the data collected.

What data is stored by YouTube?

As soon as you visit one of our pages that has a YouTube video embedded in it, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually assign your interactions on our website to your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your internet service provider. Other data may include contact details, any reviews, sharing content via social media or adding to your favourites on YouTube.

If you are not logged into a Google account or YouTube account, Google stores data with a unique identifier linked to your device, browser or app. This allows your preferred language setting to be retained, for example. However, much interaction data cannot be stored because fewer cookies are set.

The following list shows cookies that were set in a browser test. On the one hand, we show cookies that are set without a logged-in YouTube account. On the other hand, we show cookies that are set with a logged-in account. The list cannot claim to be complete because user data always depends on interactions on YouTube.

Name: YSC
Value: b9-CV6ojI5Y311217160-1
Purpose: This cookie registers a unique ID to store statistics about the video viewed.
Expiry date: after the end of the session

Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google receives statistics via PREF on how you use YouTube videos on our website.
Expiry date: after 8 months

Name: GPS
Value: 1
Purpose: This cookie records your unique ID on mobile devices in order to track your GPS location.
Expiry date:after 30 minutes

Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie attempts to estimate the user's bandwidth on our websites (with embedded YouTube videos).
Expiry date:after 8 months

Additional cookies that are set when you are logged in with your YouTube account:

Name: APISID
Value: zILlvClZSkqGsSwI/AU1aZI6HY7311217160-
Purpose: This cookie is used to create a profile of your interests. The data is used for personalised advertising.
Expiry date: after 2 years

Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: The cookie stores the status of a user's consent to the use of various Google services. CONSENT also serves security purposes to verify users and protect user data from unauthorised attacks.
Expiry date: after 19 years

Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile of your interests. This data helps to display personalised advertising.
Expiry date:after 2 years

Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL…
Purpose: This cookie stores information about your login details.
Expiry date:after 2 years

Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose: This cookie works by uniquely identifying your browser and device. It is used to create a profile of your interests.
Expiry date:after 2 years

Name: SID
Value: oQfNKjAsI311217160-
Purpose: This cookie stores your Google account ID and your last login time in digitally signed and encrypted form.
Expiry date:after 2 years

Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information about how you use the website and which advertisements you may have seen before visiting our site.
Expiry date:after 3 months

How long and where is the data stored?

The data that YouTube receives and processes from you is stored on Google servers. Most of these servers are located in America. At https://www.google.com/about/datacenters/inside/locations/?hl=de, you can see exactly where the Google data centres are located. Your data is distributed across the servers. This means that the data can be accessed more quickly and is better protected against manipulation.

Google stores the collected data for varying lengths of time. You can delete some data at any time, while other data is automatically deleted after a limited period of time and still other data is stored by Google for a longer period of time. Some data (such as items from "My Activity", photos or documents, products) stored in your Google account will remain stored until you delete it. Even if you are not logged into a Google account, you can delete some data associated with your device, browser or app.

How can I delete my data or prevent data storage?

In principle, you can delete data in your Google Account manually. With the automatic deletion function for location and activity data introduced in 2019, information is stored for either 3 or 18 months, depending on your decision, and then deleted.

Regardless of whether you have a Google account or not, you can configure your browser to delete or disable Google cookies. Depending on which browser you use, this works in different ways. The following instructions show you how to manage cookies in your browser:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you do not want cookies at all, you can set your browser to always inform you when a cookie is about to be set. This allows you to decide whether to allow each individual cookie or not. As YouTube is a subsidiary of Google, there is a joint privacy policy. If you would like to learn more about how your data is handled, we recommend reading the privacy policy at https://policies.google.com/privacy?hl=de.

YouTube Subscribe button Privacy policy

We have integrated the YouTube Subscribe button into our website. You can usually recognise the button by the classic YouTube logo. The logo shows the words "Subscribe" or "YouTube" in white lettering on a red background, with the white "play" symbol to the left. However, the button may also have a different design.

Our YouTube channel offers you a constant stream of funny, interesting or exciting videos. With the integrated "Subscribe button", you can subscribe to our channel directly from our website and do not have to visit the YouTube website separately. We want to make access to our comprehensive content as easy as possible for you. Please note that YouTube may store and process your data as a result.

When you see a built-in subscribe button on our site, YouTube sets at least one cookie, according to Google. This cookie stores your IP address and our URL. YouTube can also obtain information about your browser, your approximate location and your default language. In our test, the following four cookies were set without being logged in to YouTube:

Name: YSC
Value: b9-CV6ojI5311217160Y
Purpose: This cookie registers a unique ID to store statistics about the video viewed.
Expiry date: after the end of the session

Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google receives statistics via PREF on how you use YouTube videos on our website.
Expiry date:after 8 months

Name: GPS
Value: 1
Purpose: This cookie registers your unique ID on mobile devices in order to track your GPS location.
Expiry date:after 30 minutes

Name: VISITOR_INFO1_LIVE
Value: 31121716095Chz8bagyU
Purpose: This cookie attempts to estimate the user's bandwidth on our websites (with embedded YouTube videos).
Expiry date:after 8 months

Note: These cookies were set after a test and cannot claim to be complete.

If you are logged into your YouTube account, YouTube can use cookies to store many of your actions/interactions on our website and assign them to your YouTube account. This provides YouTube with information such as how long you surf our site, what type of browser you use, what screen resolution you prefer, or what actions you perform.

YouTube uses this data to improve its own services and offerings, as well as to provide analyses and statistics for advertisers (who use Google Ads).

Google reCAPTCHA Privacy Policy

Our primary goal is to secure and protect our website for you and for us in the best possible way. To ensure this, we use Google reCAPTCHA from Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With reCAPTCHA, we can determine whether you are a real person and not a robot or other spam software. By spam, we mean any unsolicited information that is sent to us electronically. With traditional CAPTCHAS, you usually had to solve text or image puzzles for verification. With Google's reCAPTCHA, we usually don't have to bother you with such puzzles. In most cases, it is sufficient to simply tick a box to confirm that you are not a bot. With the new Invisible reCAPTCHA version, you don't even have to tick a box. You can find out exactly how this works and, above all, what data is used for this purpose in the course of this privacy policy.

What is reCAPTCHA?

reCAPTCHA is a free captcha service from Google that protects websites from spam software and abuse by non-human visitors. This service is most commonly used when you fill out forms on the internet. A captcha service is a type of automatic Turing test designed to ensure that an action on the internet is performed by a human and not a bot. In the classic Turing test (named after computer scientist Alan Turing), a human determines the difference between a bot and a human. With captchas, this is also done by a computer or software programme. Classic captchas work with small tasks that are easy for humans to solve but present considerable difficulties for machines. With reCAPTCHA, you no longer have to actively solve puzzles. The tool uses modern risk techniques to distinguish humans from bots. All you have to do is tick the "I am not a robot" text box, or in the case of Invisible reCAPTCHA, even that is no longer necessary. With reCAPTCHA, a JavaScript element is embedded in the source code and the tool then runs in the background and analyses your user behaviour. The software calculates a so-called captcha score from these user actions. Google uses this score to calculate the probability that you are a human even before you enter the captcha. reCAPTCHA and captchas in general are always used when bots could manipulate or abuse certain actions (such as registrations, surveys, etc.).

Why do we use reCAPTCHA on our website?

We only want to welcome real people to our site. Bots or spam software of any kind are welcome to stay at home. That's why we do everything we can to protect ourselves and offer you the best possible user experience. For this reason, we use Google reCAPTCHA from Google. This allows us to be fairly certain that we remain a "bot-free" website. When you use reCAPTCHA, data is sent to Google to check if you're really a human. So reCAPTCHA helps keep our website safe and, as a result, keeps you safe too. Without reCAPTCHA, for example, a bot could register as many email addresses as possible during registration in order to subsequently "spam" forums or blogs with unwanted advertising content. With reCAPTCHA, we can prevent such bot attacks.

What data is stored by reCAPTCHA?

reCAPTCHA collects personal data from users to determine whether the actions on our website are actually performed by humans. This means that the IP address and other data required by Google for the reCAPTCHA service may be sent to Google. IP addresses are almost always truncated within the member states of the EU or other signatory states to the Agreement on the European Economic Area before the data is sent to a server in the United States. The IP address is not combined with other data from Google unless you are logged into your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) are already placed on your browser. reCAPTCHA then sets an additional cookie in your browser and captures a snapshot of your browser window.

The following list of collected browser and user data is not exhaustive. Rather, these are examples of data that, to our knowledge, is processed by Google.

• Referrer URL (the address of the page from which the visitor comes)
• IP address (e.g. 256.123.123.1)
• Information about the operating system (the software that enables your computer to operate. Well-known operating systems are Windows, Mac OS X or Linux)
• Cookies (small text files that store data in your browser)
• Mouse and keyboard behaviour (every action you perform with the mouse or keyboard is stored)
• Date and language settings (the language and date you have set on your PC are stored)
• All JavaScript objects (JavaScript is a programming language that enables websites to adapt to the user. JavaScript objects can collect all kinds of data under one name)
• Screen resolution (indicates how many pixels the image display consists of)

It is undisputed that Google uses and analyses this data even before you click on the "I am not a robot" checkbox. With the Invisible reCAPTCHA version, there is no need to tick the box and the entire recognition process runs in the background. Google does not provide detailed information about exactly how much and what data it stores.

The following cookies are used by reCAPTCHA: We refer here to the reCAPTCHA demo version from Google at https://www.google.com/recaptcha/api2/demo. All these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google reCAPTCHA has set on the demo version:

Name: IDE
Value:WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-311217160-8
Purpose: This cookie is set by DoubleClick (also owned by Google) to record and report a user's actions on the website when interacting with advertisements. This allows the effectiveness of advertising to be measured and appropriate optimisation measures to be taken. IDE is stored in browsers under the domain doubleclick.net.
Expiry date: after one year

Name: 1P_JAR
Value:2019-5-14-12
Purpose: This cookie collects statistics on website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to display relevant advertisements to users. Furthermore, the cookie can be used to prevent a user from seeing the same advertisement more than once.
Expiry date: after one month

Name: ANID
Value:U7j1v3dZa3112171600xgZFmiqWppRWKOr
Purpose: We were unable to find out much information about this cookie. In Google's privacy policy, the cookie is mentioned in connection with "advertising cookies" such as "DSID", "FLC", "AID" and "TAID". ANID is stored under the domain google.com.
Expiry date: after 9 months

Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: The cookie stores the status of a user's consent to use various Google services. CONSENT also serves security purposes to verify users, prevent login information fraud and protect user data from unauthorised attacks.
Expiry date: after 19 years

Name: NID
Value: 0WmuWqy311217160zILzqV_nmt3sDXwPeM5Q
Purpose: NID is used by Google to tailor advertisements to your Google searches. With the help of this cookie, Google "remembers" your most frequently entered search queries or your previous interaction with advertisements. This ensures that you always receive tailored advertisements. The cookie contains a unique ID to collect the user's personal settings for advertising purposes.
Expiry date: after 6 months

Name: DV
Value: gEAABBCjJMXcI0dSAAAANbqc311217160-4
Purpose: This cookie is set as soon as you tick the "I am not a robot" box. The cookie is used by Google Analytics for personalised advertising. DV collects information in anonymised form and is also used to differentiate between users.
Expiry date: after 10 minutes

Note: Thislist cannot claim to be exhaustive, as experience has shown that Google frequently changes its choice of cookies.

How long and where is the data stored?

When you insert reCAPTCHA, your data is transferred to the Google server. Even after repeated enquiries, Google has not clarified exactly where this data is stored. Without confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website or language settings are stored on European or American Google servers. The IP address that your browser transmits to Google is not merged with other Google data from other Google services. However, if you are logged into your Google account while using the reCAPTCHA plug-in, the data will be merged.In this case, Google's different privacy policy applies.

How can I delete my data or prevent data storage?

If you do not want any data about you and your behaviour to be transmitted to Google, you must log out of Google completely and delete all Google cookies before visiting our website or using the reCAPTCHA software. In principle, the data is automatically transmitted to Google as soon as you visit our site. To delete this data, you must contact Google Support at https://support.google.com/?hl=de&tid=311217160.

By using our website, you agree that Google LLC and its representatives may automatically collect, process and use data.

You can find out more about reCAPTCHA on Google's web developer page at https://developers.google.com/recaptcha/. Although Google goes into more detail about the technical development of reCAPTCHA here, you will not find any specific information about data storage and data protection issues. A good overview of the basic use of data at Google can be found in the company's own privacy policy at https://www.google.com/intl/de/policies/privacy/.

Source: Created with thedata protection generator from AdSimple in cooperation with justmed.de