Skip navigation
Skip

We use technologies (e.g. cookies) on our website to store and retrieve personal data on user devices. Some of these are necessary, while others are not, but help us to improve our online offering and operate it economically. You can consent to the use of non-essential cookies by clicking on the ‘Accept All’ button or decide otherwise by clicking on ‘Reject’. Consent covers all preselected or selected cookies/technologies/services and may also include the processing of data outside the European Union. You can access these settings at any time and deselect them at any time (in the privacy policy and in the footer of our website). Further information is available in our Privacy Policy and our Legal Notice.

SettingsRejectAccept
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Legal

Data protection

Privacy Policy

Thank you for your interest in our website. The protection of your personal data is very important to us. We comply with the legal regulations on data protection and data security.

In particular, we are subject to the provisions of the General Data Protection Regulation (GDPR),the Federal Data Protection Act in the version applicable since 25 May 2018(BDSG) and the Digital Services Act (DDG) as well as the TelecommunicationsDigital Services Data Protection Act (TDDDG). According to these regulations, we are entitled to collect and use personal data to the extent necessary to enable you to use our website at www.ruhrdot.com, including all services and functions contained therein.

Below you will find information about what personal data we collect when you use our website andthe services and functions contained therein, and how we use this data and for what purposes.

I. Name and address of the controller

The controller within the meaning of the GeneralData Protection Regulation and other national data protection laws of theMember States as well as other data protection regulations is:

ruhrdot GmbH
Bismarckstraße 5
45128 Essen

Tel.: +49-201-85890990
Website: www.ruhrdot.com

II. Name and address of the data protection officer

The data protection officer of the controller is:

Johannes Schwiegk
Datenzeit GmbH
Friedrich-Engels-Allee 200
D-42285 Wuppertal

Tel.: +49-202-94794940
E-Mail: datenschutz@datenzeit.de
Website: https://www.datenzeit.de/

III. General information on data processing

1.     Scope of personal data processing

We only process our users' personal data to the extent necessary to provide a functional website and our content and services. The processing of our users' personal data is carried out regularly only with the user's consent. An exception applies in cases where prior consent cannot be obtained for practical reasons and the processing of the data is permitted bylaw.

2.     Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU GeneralData Protection Regulation (GDPR) serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1)(b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 (1)(c) GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art.6 para. 1 lit. d GDPR serves as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art.6 para. 1 lit. f GDPR serves as the legal basis for processing.

3.     Data deletion and storage period

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this has been provided for by European or national legislators in EU regulations, laws or other provisions to which the controller is subject . The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

IV. Provision of the website and creation of logfiles

1.     Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.

The following data is collected

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred
  • Website from which the request originates
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

We cannot assign this data to specific individuals. We do not combine this data with other data sources.

The legal basis for the temporary storage of data isArt. 6 para. 1 lit. f GDPR.

2.     Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session. The storage also serves to ensure the functionality of the website. In addition, the data is used to optimise the website and to ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context.

These purposes also constitute our legitimate interest in data processing in accordance with Art. 6(1)(f) GDPR.

3.     Duration of storage

The data is deleted as soon as it is no longer required for the purpose for which it was collected. In the case of data collection for the provision of the website, this is the case when the respective session has ended. In addition, the data is deleted after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or anonymised so that it is no longer possible to assign them to the calling client.

4.     Right to object and right to erasure

The collection of data for the provision of thewebsite and the storage of data in log files is essential for the operation ofthe website. Consequently, there is no possibility for the user to object.

V. Use of cookies

1. Description and scope of data processing

In addition to the aforementioned data, cookies are storedon your computer when you use this website. Cookies are small text files thatare stored on your hard drive and assigned to the browser you are using, andthrough which we receive certain information. Cookies cannot execute programmesor transfer viruses to your computer. They serve to make the Internet offeringmore user-friendly and effective overall. This website uses the following typesof cookies, the scope and functionality of which are explained below:

Cookie & Cookie groups
Essential

Essential cookies enable basic functions and are necessary for the website to function properly.

Finsweet Consent Pro Cookie

Name: Finsweet Consent Pro

Provider: Owner of this website

Purpose: Stores the settings selected by visitors in the Finsweet Consent Pro cookie box.

Cookie name: finsweetconsentpro

Cookie duration: 1 Jahr

Statistics

Statistics cookies collect information anonymously. This information helps us understand how ourvisitors use our website.

Google Analytics

Name: Google Analytics

Provider: Google LLC

Purpose: Cookie from Google for website analysis. Generates statistical data about how visitors use the website.

Privacy: https://policies.google.com/privacy

Cookie name: _ga,_gat,_gid

Cookie duration: 2 years

In addition to these persistent cookies, there are also transient cookies.

Transient cookies are automatically deleted when you close your browser. These include, in particular, session cookies. These store aso-called session ID, which can be used to assign various requests from your browser to the shared session. This allows your computer to be recognised when you return to our website. Session cookies are deleted when you log out or close your browser.

Persistent cookies, on the other hand, are automatically deleted after a specified period of time, which may vary depending on the cookie. You can configure these persistent cookies according to your preferences via our cookie banner, which is displayed when you first visit our website and after you have automatically or manually deleted the cookies, and which also refers to this privacy policy, and you can, for example, refuse to accept third-party cookies. Please note that in such cases you may not be able to use all the functions of this website.In addition to the configuration options via the cookie banner that appears when you visit our website, you can also set your preferences using the button in the lower left corner.

2. Legal basis for data processing

The legal basis for the processing of personal data using cookies is Art. 6 (1) (a), (c) and (f) GDPR.

3. Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. In addition, we must use cookies in order to comply with our legal obligations and accountability requirements under the GDPR.For this, it is necessary that the browser is recognised even after a page change. The user data collected by technically necessary cookies is not used to create user profiles. Analysis cookies are used for the purpose of improving the quality of our website and its content. They are only set after the user has given their consent (Art. 6 para. 1 sentence 1 lit. a GDPR). The analysis cookies tell us how the website is used and enable us to continuously optimise our offering. These purposes also constitute our legitimate interest in the processing of personal data in accordance with Art. 6 (1) (f) GDPR.

4. Duration of storage, possibility of objection and removal

Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, as a user, you have full control over the use of cookies. In addition, you can use the configuration options mentioned above via the cookie banner displayed when you visit our website and via the button in this privacy policy, which allow you as a user to deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically.

 VI. Newsletter

1.     Description and scope of data processing

You can subscribe to a free newsletter on our website. When you register for the newsletter, the data from the input mask is transmitted to us.

We verify your consent to receive our newsletter by email using the double opt-in procedure. This means that we first send an email to the email address you provided during registration to actively confirm your consent to receive the newsletter before we start sending it to you. We use the confirmation information to document your consent and, if necessary, to prove it.

Furthermore, under certain conditions, we may send you our newsletter without your consent. Within the framework of existing customer relationships, we are legally permitted to advertise similar goods and services by email without obtaining your consent. In connection with data processing for the purpose of sending newsletters, no data is passed on to third parties. The data will be used exclusively for sending the newsletter.

2.     Legal basis for data processing

The legal basis for processing the data after registering for the newsletter is your consent in accordance with Art. 6 (1) (a) GDPR. The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) UWG (German Unfair Competition Act).

3.     Purpose of data processing

The user's email address is collected for the purpose of delivering the newsletter. Other personal data collected during the registration process is used to prevent misuse of the services or the email address used.

4.     Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. The user's email address will therefore be stored for as long as the newsletter subscription is active.

5.     Right to object and right to erasure

The newsletter subscription can be cancelled by the user concerned at any time without incurring any costs other than the transmission costs according to the basic tariffs. For this purpose, there is a corresponding link in every newsletter.

The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent. If you revoke your consent, we will delete this data and no longer send you newsletters.

 VII. Contact form and email contact

1.         Description and scope of data processing

Our website has a contact form that can be used to contact us electronically. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and stored.

Your information about the processing of the data with reference to this privacy policy is documented as part of the sending process.

Alternatively, you can contact us via the email address provided. In this case, the user's personal data transmitted with the email will be stored.

In this context, the data will not be passed on to third parties. The data will be used exclusively for processing the conversation.

2.     Legal basis for data processing

The legal basis for the processing of the data is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

If the email contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. bGDPR.

3.     Purpose of data processing

The processing of personal data from the input mask serves us solely for the purpose of processing the contact request. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data.

The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

4.     Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. For personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

5.     Right to object and right to erasure

The user has the option of revoking their consent to the processing of their personal data at any time. If the user contacts usby email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

All personal data stored in the course of establishing contact will be deleted in this case.

VIII. Applications

1.     Description and scope of data processing

Your application data will be reviewed by the HumanResources department upon receipt of your application. Suitable applications will then be forwarded internally to the department managers responsible for the respective vacant position. The next steps will then be coordinated. Within the company, only those persons who need access to your data for the proper execution of our application process will have access to it. The data will be processed exclusively in data centres in the Federal Republic of Germany.

2.     Legal basis for data processing

The legal basis for the processing of your personal data in the application process is primarily Section 26 of the German FederalData Protection Act (BDSG) in the version applicable since 25 May 2018 and Article6(1)(b) of the GDPR. According to this, the processing of data that is necessary in connection with the decision to establish an employment relationship is permissible.

If the data is required for legal purposes after the application process has been completed, data processing may be carried out on the basis of the requirements of Art. 6 GDPR, in particular for the purpose of safeguarding legitimate interests pursuant to Art. 6 (1) (f) GDPR. Our interest then lies in asserting or defending claims.

3.     Purpose of data processing

We process the data you have sent us in connection with your application in order to assess your suitability for the position (or other open positions in our company, if applicable) and to carry out the application process.

4.     Duration of storage

Data from applicants will be deleted after 6 months in the event of rejection.

If you have consented to the further storage of your personal data, we will transfer your data to our applicant pool. There, the data is usually deleted after two years.

If you are offered a position as part of the application process, the data will be transferred from the applicant data system to our personnel information system.

IV. Use of Google Tag Manager

1. Scope of processing of personal data

Google Tag Manager is used on this page. This service is provided by Google Ireland Limited, Gordon House, Barrow Street,Dublin 4, Ireland, or Google LLC, Mountain View 1600 Amphitheatre ParkwayMountain View, CA 94043 USA. The data processed includes only your IP address, which is necessary to run Google Tag Manager, but is not collected without your consent (e.g. through appropriate settings in your browser or our consent management tool). Tag Manager itself does not create user profiles or store cookies.

The data may be processed in the USA. In cases where personal data is transferred to the USA, Google has submitted to theEU-U.S. Data Privacy Framework and also uses the EU Commission's standard contractual clauses. Further information on this is available at https://business.safety.google/adsprocessorterms/

2. Legal basis for the processing of personal data

The legal basis for the use of Google Tag Manager is your consent in accordance with Art. 6 (1) (a) GDPR.

3. Purpose of data processing

By using Google Tag Manager, we are able to manage so-called website tags via an interface and thus integrate other services into our online offering (please refer to the further and specific information in this privacy policy).

4. Duration of storage

We would like to point out that we have no specific knowledge of the data transmitted or its use by Google. Further information on Google Tag Manager is available at https://marketingplatform.google.com/intl/en/about/tag-manager/.Google's applicable data protection regulations can be found at https://www.google.com/policies/privacy/.

5. Right to object and right to erasure

You can revoke your consent at any time by changing the settings in our consent management tool. Please note that your objection has no effect on the lawfulness of data processing up to that point.

The processing of data by Google can also be changed and excluded at https://adssettings.google.com/authenticated.

X. Web analysis by Google Analytics

1. Scope of processing personal data

We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4,Ireland. Google Analytics may use cookies on users' computers (see above for information on cookies) and enables us to analyse your use of our website. For example, we take into account which content you have accessed within one or more usage sessions, which search terms you have used and how you have interacted with our online offering overall. The time of use and duration are also stored, as well as technical aspects of your end devices and browsers. For this purpose, pseudonymous user profiles are created with information from the use of various devices. Google Analytics is used to determine and provide data on geographical location. The following metadata is collected using IP search:city (and the derived latitude and longitude of the city), continent, country, region, subcontinent (and the ID-based equivalents). To ensure the protection of European users' personal data in the EU, Google receives and processes all data via domains and servers within the EU. The IP address of users is not logged and is truncated by default to the last two digits, with the truncation taking place on European servers for European users.

The information collected through the use of GoogleAnalytics is used by Google on our behalf to evaluate your use of our website, to compile reports on website activity and to provide other services related to the use of our website and the internet. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Full or unabridged IP addresses are not transferred to Google servers in the USA, so it should be impossible for personal data to be transferred to the USA. However, in cases where personal data is transferred to the USA, Google has submitted to the EU-US Data Privacy Framework.

2. Legal basis for the processing of personal data

The legal basis for the use of Google Analytics isArt. 6 (1) (a) GDPR, i.e. your consent, which you have given via our cookie banner or consent management tool for the data processing described.

3. Purpose of data processing

The processing of users' personal data enables us to analyse the surfing behaviour of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. By anonymising IP addresses, the interests of users in the protection of their personal data are sufficiently taken into account.

4. Duration of storage

The data is deleted as soon as it is no longer required for our recording purposes. Furthermore, we would like to point out that, as the provider of the pages, we have no further knowledge of the content of the transmitted data or its use by Google. Further information on this can be found in Google's privacy policy at https://policies.google.com/privacy.

5. Right to object and right to erasure

You can revoke your consent at any time with future effect by changing the settings in our cookie banner or consent management tool.

In addition, you can prevent cookies from being stored on your computer by adjusting your browser software settings accordingly. In this case, you may not be able to use all the functions of our websites to their full extent. To prevent Google from collecting the data generated by the cookies and relating to your use of our website (including your IP address) and from processing this data, you can download and install a browser plug-in from the link below:https://tools.google.com/dlpage/gaoptout?hl=de.

You can also object to the use of cookies for reach measurement and advertising purposes via the deactivation page of theNetwork Advertising Initiative (https://optout.networkadvertising.org/) and additionally the US website (https://www.aboutads.info/choices) or the European website (https://www.youronlinechoices.com/uk/your-ad-choices/).

XI. Use ofLinkedIn

1. Scope of processing of personal data

We maintain an online presence within the LinkedIn social network, which is operated by LinkedIn Ireland Unlimited Company, WiltonPlaza Wilton Place, Dublin 2, Ireland. Within this framework and for the purposes of contemporary marketing, we process user data in order to communicate with users active on the platform or to provide information about us.

The categories of data processed include contact details (e.g. email, telephone numbers); content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times)as well as meta, communication and procedural data (e.g. IP addresses, timestamps, identification numbers, consent status).

In addition to our use of the data, the user data is usually processed by the operator of the social network for market research and advertising purposes. For example, profiles can be created based on the usage behaviour and resulting interests of the users. These usage profiles can in turn be used, for example, to place advertisements within and outside the networks that are presumed to correspond to the interests of the users. For these purposes, cookies (see above for cookies) are usually stored on the users 'computers, in which the usage behaviour and interests of the users are stored.Furthermore, data can also be stored in the usage profiles independently of the devices used by the users (especially if the users are members of the social network and are logged in with their user account).

User data may also be processed outside theEuropean Union, which may result in risks for users because, for example, itmay be more difficult to enforce the so-called data subject rights (see below for information on the rights of data subjects) of users.

For a detailed description of the respective forms of processing, please refer to LinkedIn's privacy policy athttps://de.linkedin.com/legal/privacy-policy?.

For cases in which personal data is transferred to the United States, LinkedIn has submitted to the EU-US Data Privacy Framework.

2. Legal basis for the processing of personal data

The legal basis for the use of LinkedIn is Art. 6(1) (f) GDPR.

If LinkedIn asks you for consent to the data processing described, the legal basis for the processing is Art. 6 para. 1sentence 1 lit. a GDPR.

Additionally, on the basis of an agreement on joint processing of personal data in accordance with Art. 26 GDPR in conjunction with the declaration stored under this link https://legal.linkedin.com/pages-joint-controller-addendum.

3. Purpose of data processing

The use of LinkedIn facilitates the sharing of content.

When users post content on LinkedIn, we reach more potential customers. We also use LinkedIn to promote and spread awareness of our company and the services we offer.

4. Duration of storage

We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by LinkedIn and therefore cannot determine the extent to which, where and for how long the data is stored, the extent to which LinkedIn complies with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. However, every user of the social network must carefully check for themselves what personal data they share with and via LinkedIn.

5. Right to object and right to erasure

Options for restricting the processing of your data and managing your account and privacy settings are described at https://www.linkedin.com/help/linkedin/answer/a1337839/verwalten-ihrer-konto-und-datenschutzeinstellungen-ubersicht?lang=de. In addition, on mobile devices(smartphones, tablet computers), you can use the settings options there to restrict LinkedIn's access to contact and calendar data, photos, location data, etc., although this depends on the operating system used.

An opt-out option is available at https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

XII. Use of Instagram

1. Scope of processing of personal data

We maintain an online presence within the social network Instagram, which is operated by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. Within this framework and for the purposes of contemporary marketing, we process user data in order to communicate with users active there or to provide information about us.

The categories of data processed include contact details (e.g. email, telephone numbers); content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times) as well as meta, communication and procedural data (e.g. IP addresses, timestamps, identification numbers, consent status).

In addition to our use of the data, the user data is usually processed by the operator of the social network for market research and advertising purposes. For example, profiles can be created based on the usage behaviour and resulting interests of the users. These usage profiles can in turn be used, for example, to place advertisements within and outside the networks that are presumed to correspond to the interests of the users. For these purposes, cookies (see above for cookies) are usually stored on the users' computers, in which the usage behaviour and interests of the users are stored.Furthermore, data can also be stored in the usage profiles independently of the devices used by the users (especially if the users are members of the social network and are logged in with their user account).

User data may also be processed outside theEuropean Union, which may result in risks for users because, for example, it may be more difficult to enforce the so-called data subject rights (see below for information on the rights of data subjects) of users.

For a detailed description of the respective forms of processing, please refer to Instagram's privacy policy at https://privacycenter.instagram.com/policy.In cases where personal data is transferred to the United States, Instagram has submitted to the EU-US Data Privacy Framework.

2. Legal basis for the processing of personaldata

The legal basis for the use of Instagram is Art. 6(1) (f) GDPR. If Instagram asks you for consent to the data processing described, the legal basis for the processing is Art. 6 (1) (a) GDPR.

3. Purpose of data processing

The use of Instagram facilitates the sharing of content.

When users post content on Instagram, we reach more potential customers. In addition, we use Instagram to further promote and disseminate information about our company and the services we offer.

4. Duration of storage

According to its own information, Instagram stores data until it is no longer needed to provide the services and functions or until the user's account is deleted, whichever occurs first. This depends on the circumstances of the individual case, in particular the type of data, why it is collected and processed, and the relevant legal or operational storage requirements.

5. Right to object and right to erasure

For opt-out options, please refer to Instagram's privacy policy and the privacy information and settings at https://help.instagram.com/196883487377501?ref=dpand for privacy-friendly profile settings for Instagram profiles at https://help.instagram.com/811572406418223/?helpref=hc_fnav.

In the case of requests for information and the assertion of data subject rights, we would also like to point out that these can be most effectively asserted with the provider of the social network. Only the provider has access to the user data and can take appropriate measures and provide information directly. Users can contact the social network's data protection officer themselves at the following link: https://www.facebook.com/help/contact/540977946302970.If you still require assistance, you can also contact us.

XIII. Use of TikTok

1. Scope of processing of personal data

We maintain an online presence within the social network or short video portal TikTok, which is operated by TikTok TechnologyLimited, The Sorting Office, Ropemaker Place, Dublin 2, Dublin, D02 HD23,Ireland. Within this framework and for the purposes of contemporary marketing, we process user data in order to communicate with users active there or to provide information about us.

The categories of data processed include contact details (e.g. name, email address, telephone number); content data (e.g.entries in online forms), usage data (e.g. websites visited, interest in content, access times) as well as meta, communication and procedural data (e.g.IP addresses, time stamps, identification numbers, consent status).

In addition to our use of the data, the data of users is usually processed by the operator of the social network for market research and advertising purposes. For example, user profiles can be created based on usage behaviour and the resulting interests. These usage profiles can in turn be used, for example, to place advertisements within and outside the networks that are presumed to correspond to the interests of the users. For these purposes, cookies (see above for cookies) are usually stored on the users' devices, in which the usage behaviour and interests of the users are stored.Furthermore, data can also be stored in the usage profiles independently of the devices used by the users (especially if the users are members of the social network and are logged in with their user account).

User data may also be processed outside theEuropean Union (including Singapore and the USA, and possibly China), which may result in risks for users because, for example, it may be more difficult to enforce the so-called data subject rights (see below for information on the rights of data subjects) of users.

For a detailed description of the respective forms of processing, please refer to TikTok's privacy policy at https://www.tiktok.com/legal/page/global/privacy-policy-eea-archive/de.

2. Legal basis for the processing of personal data

The legal basis for the use of TikTok is Art. 6(1) (f) GDPR.

If TikTok asks you for consent to the data processing described, the legal basis for the processing is Art. 6 para. 1sentence 1 lit. a GDPR.

3. Purpose of data processing

The use of TikTok facilitates the sharing of content and allows us to present our offers in an appealing way. By using it, we can further promote and spread awareness of our company and the services we offer. We hope to reach more potential customers as a result.

4. Duration of storage

We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by TikTok and, in this respect, we cannot determine the extent to which, where and for how long the data is stored, the extent to which TikTok complies with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. However, every user of the platform must carefully check for themselves what personal data is shared with and via TikTok.

5. Option to object and delete

If you do not want TikTok to be able to associate your visit to our pages with your TikTok user account, please log out of yourTikTok user account. Options for account privacy settings are available at https://support.tiktok.com/de/account-and-privacy/account-privacy-settings.User data can be requested at https://support.tiktok.com/de/account-and-privacy/personalized-ads-and-data/requesting-your-data.

XIV. Use of YouTube

1. Scope of personal data processing

We maintain an online presence within the social network and video portal YouTube, which is operated by Google Ireland Limited,Gordon House, Barrow Street, Dublin 4, Ireland. Within this framework and for the purposes of contemporary marketing, we process user data in order to communicate with users active on the platform and to provide information about us.

The categories of data processed include contact details (e.g. email, telephone numbers); content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times)as well as meta, communication and procedural data (e.g. IP addresses, timestamps, identification numbers, consent status).

In addition to our use of the data, the data of users is usually processed by the operator of the social network for market research and advertising purposes. For example, user profiles can be created based on the usage behaviour and resulting interests of users. These usage profiles can in turn be used, for example, to place advertisements within and outside the networks that are presumed to correspond to the interests of the users. For these purposes, cookies (see above for cookies) are usually stored on the users' computers, in which the usage behaviour and interests of the users are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by the users (especially if the users are members of the social network and are logged in with their user account).

User data may also be processed outside theEuropean Union, which may result in risks for users because, for example, it may be more difficult to enforce the so-called data subject rights (see below for information on the rights of data subjects) of users.

For a detailed description of the respective forms of processing, please refer to the privacy policy of YouTube or Google at https://policies.google.com/privacy.

In cases where personal data is transferred to theUnited States, YouTube and Google have submitted to the EU-US Data PrivacyFramework.

2. Legal basis for the processing of personal data

The legal basis for the use of YouTube is Art. 6(1) (f) GDPR.

If YouTube asks you for consent to the data processing described, the legal basis for the processing is Art. 6 para. 1sentence 1 lit. a GDPR.

3. Purpose of data processing

The use of YouTube facilitates the sharing of content and allows us to present our offerings in an appealing manner. By usingYouTube, we can further promote and disseminate our company and the services we offer. We hope this will enable us to reach more potential customers.

4. Duration of storage

We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by YouTube and, in this respect, we cannot determine the extent to which, where and for how long the data is stored, the extent to which YouTube complies with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. However, every user of the platform must carefully check for themselves what personal data is shared with and via YouTube.

5. Right to object and right to erasure

If you do not want YouTube to be able to assign your visit to our website to your YouTube user account, please log out of yourYouTube user account. An opt-out option is available at https://myadcenter.google.com/personalizationoff.

XV. Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

1.     Right to information

You can request confirmation from the controller as to whether personal data concerning you is being processed by us.

If such processing is taking place, you can request thefollowing information from the controller:

(1) the purposesfor which the personal data is processed;

(2) thecategories of personal data that are being processed;

(3) the recipients or categories ofrecipients to whom your personal data has been or will be disclosed;

(4) the planned duration of storage of thepersonal data concerning you or, if specific information on this is notpossible, criteria for determining the storage period;

(5) the existence of a right to rectificationor erasure of personal data concerning you, a right to restriction ofprocessing by the controller or a right to object to such processing;

(6) the existenceof a right to lodge a complaint with a supervisory authority;

(7) all available information on the originof the data if the personal data is not collected from the data subject;

(8) the existence of automateddecision-making, including profiling, pursuant to Article 22(1) and (4) of theGDPR and, at least in those cases, meaningful information about the logicinvolved, as well as the significance and the envisaged consequences of suchprocessing for the data subject.

You have the right to request information on whetherpersonal data concerning you is being transferred to a third country or to aninternational organisation. In this context, you may request to be informed ofthe appropriate safeguards pursuant to Art. 46 GDPR in connection with thetransfer.

2.     Right to rectification

You have the right to rectification and/or completion vis-à-vis the controller if the personal data processed concerning you is inaccurate or incomplete. The controller must rectify the data without delay.

3.     Right to restriction of processing

Under the following conditions, you may request therestriction of the processing of personal data concerning you:

(1) if you dispute the accuracy of thepersonal data concerning you for a period enabling the controller to verify theaccuracy of the personal data;

(2) the processing is unlawful and you opposethe erasure of the personal data and request the restriction of their useinstead;

(3) the controller no longer needs thepersonal data for the purposes of the processing, but you require it for theestablishment, exercise or defence of legal claims; or

(4) if you have lodged an objection to theprocessing pursuant to Article 21(1) of the GDPR and it is not yet clearwhether the legitimate grounds of the controller override your grounds.

If the processing of personal data concerning you has beenrestricted, such data may – apart from its storage – only be processed withyour consent or for the assertion, exercise or defence of legal claims or forthe protection of the rights of another natural or legal person or for reasonsof important public interest of the Union or a Member State.

If the restriction of processing has been restricted inaccordance with the above conditions, you will be informed by the controllerbefore the restriction is lifted.

4.     Right to erasure

a)     Obligation to erase

You may request the controller to erase personal data concerning you without undue delay, and the controller is obliged to erase such data without undue delay if one of the following reasons applies:

(1) The personal data concerning you is nolonger necessary for the purposes for which it was collected or otherwiseprocessed.

(2) You withdraw your consent on which theprocessing was based in accordance with Art. 6(1)(a) or Art. 9(2)(a) GDPR, andthere is no other legal basis for the processing.

(3) You object to the processing pursuant to Art.21(1) GDPR and there are no overriding legitimate grounds for the processing,or you object to the processing pursuant to Art. 21(2) GDPR.

(4) The personaldata concerning you has been processed unlawfully.

(5) The erasure of personal data concerningyou is necessary to comply with a legal obligation under Union law or the lawof the Member States to which the controller is subject.

(6) Thepersonal data concerning you has been collected in relation to the servicesoffered by information society services pursuant to Article 8(1) of the GDPR.

b)     Information to third parties

If the controller has made the personal data concerning youpublic and is obliged to erase it pursuant to Art. 17(1) GDPR, the controllershall take reasonable steps, including technical measures, taking into accountthe available technology and implementation costs, to inform controllers whoprocess the personal data that you, as the data subject, have requested them todelete all links to this personal data or copies or replications of thispersonal data.

c)     Exceptions

The right to erasure does not apply if processing isnecessary

(1) forexercising the right of freedom of expression and information;

(2) for compliance with a legal obligationwhich requires processing by Union or Member State law to which the controlleris subject or for the performance of a task carried out in the public interestor in the exercise of official authority vested in the controller;

(3) for reasons of public interest in thearea of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) GDPR;

(4) for archiving purposes in the publicinterest, scientific or historical research purposes or statistical purposespursuant to Article 89(1) GDPR, insofar as the right referred to in section a) islikely to render impossible or seriously impair the achievement of theobjectives of that processing, or

(5) for theestablishment, exercise or defence of legal claims.

5.     Right to information

If you have asserted your right to rectification, erasure orrestriction of processing against the controller, the controller is obliged tonotify all recipients to whom your personal data has been disclosed of thisrectification or erasure of the data or restriction of processing, unless thisproves impossible or involves disproportionate effort.

You have the right to be informed by the controller aboutthese recipients.

6.     Right to data portability

You have the right to receive the personal data concerningyou that you have provided to the controller in a structured, commonly used andmachine-readable format. You also have the right to transmit this data toanother controller without hindrance from the controller to whom the personaldata has been provided, provided that

(1) the processing is based on consentpursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant toArt. 6(1)(b) GDPR and

(2) theprocessing is carried out using automated means.

In exercising this right, you also have the right to havethe personal data concerning you transmitted directly from one controller toanother controller, where technically feasible. The freedoms and rights ofother persons must not be affected by this.

The right to data portability does not apply to theprocessing of personal data necessary for the performance of a task carried outin the public interest or in the exercise of official authority vested in thecontroller.

7.     Right to object

You have the right to object, on grounds relating to yourparticular situation, at any time to the processing of personal data concerningyou which is based on Article 6(1)(e) or (f) GDPR; this also applies toprofiling based on these provisions.

The controller shall no longer process the personal dataconcerning you unless the controller can demonstrate compelling legitimategrounds for the processing which override your interests, rights and freedoms,or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you is processed for directmarketing purposes, you have the right to object at any time to the processingof personal data concerning you for such marketing purposes; this also appliesto profiling insofar as it is related to such direct marketing.

If you object to processing for direct marketing purposes,the personal data concerning you will no longer be processed for thesepurposes.

In connection with the use of information society services,you have the option of exercising your right to object by means of automatedprocedures using technical specifications, irrespective of Directive 2002/58/EC.

8.     Right to revoke your declaration of consent under data protection law

You have the right to withdraw your declaration of consentunder data protection law at any time. The withdrawal of consent shall notaffect the lawfulness of processing based on consent before its withdrawal.

9.     Automated decision-making in individual cases, including profiling

You have the right not to be subject to a decision based solelyon automated processing, including profiling, which produces legal effects concerningyou or similarly significantly affects you. This does not apply if the decision

(1) is necessary for entering into, orperformance of, a contract between you and the controller,

(2) is authorised by Union or Member Statelaw to which the controller is subject and that law provides for appropriatemeasures to safeguard your rights and freedoms and legitimate interests, or

(3) with yourexpress consent.

However, these decisions may not be based on specialcategories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) lit.a or g GDPR applies and appropriate measures have been taken to protect yourrights and freedoms as well as your legitimate interests.

With regard to the cases referred to in (1) and (3), thecontroller shall take appropriate measures to safeguard your rights andfreedoms and legitimate interests, including at least the right to obtain humanintervention on the part of the controller, to express your point of view andto contest the decision.

10.  Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicialremedy, you have the right to lodge a complaint with a supervisory authority,in particular in the Member State of your habitual residence, place of work orplace of the alleged infringement, if you consider that the processing ofpersonal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and outcome of the complaint, including the possibility of a judicial remedy under Article 78 of the GDPR.

XVI. Changes to this privacy policy

The further development of the internet and our website may also affect the handling of personal data. We therefore reserve the right to amend this privacy policy in the future in accordance with applicable data protection laws and, if necessary, to adapt it to changes in data processing. The current version of the privacy policy is always available under the heading "Data protection" or "Privacy policy".