DATA PROTECTION

OUR GUIDELINES

Privacy Policy

Thank you for your interest in our website. The protection of your personal data is very important to us. Below you will find information on how we handle your data that is collected through your use of our website. Your data is processed in accordance with the legal regulations on data protection.

1. Responsible party

+49 160 94834775

info@alliance-nuernberg.de

https://www.dreamartbjj.de

ALLIANCE NUREMBERG GmbH Willy-Brandt-Platz 4 90402 Nürnberg

2. Contact details of the data protection officer

info@alliance-nuernberg.de

When contacting the data protection officer, please state the company to which your request relates. Please refrain from including sensitive information, such as a copy of your ID, with your request.

3. Data processing when operating the website

3.1. Webhosting

This website is hosted by an external service provider. Personal data collected on this website is stored on the host’s servers. This may primarily involve IP addresses, contact inquiries, meta and communication data, website visits and other data generated via a website.

We collect the data listed in order to ensure a smooth connection to the website and technically error‑free provision of our services. The processing of this data is absolutely necessary in order to provide you with the website. The legal basis for the processing of the data is our legitimate interest in the correct presentation and functionality of our website pursuant to Art. 6 (1) (f) GDPR.

We have concluded a data processing agreement with the provider in accordance with the requirements of Art. 28 GDPR, in which we oblige him to protect the data of our customers and not to pass it on to third parties.

3.1.1. Webflow

For the creation and hosting of our website, we use the services of Webflow, Inc. 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA.

Description of data processing and purpose

Webflow is a tool for creating and hosting websites. We use the services to make our website available to you.

Personal data collected on this website is stored on the host’s servers. This may primarily involve IP addresses, contact inquiries, meta and communication data, website visits, log files and other data generated via a website.

Webflow also stores cookies or other recognition technologies that are required for the presentation of the site, to provide the website functions and to ensure security (technically necessary cookies).

We use Webflow for the purpose of creating and providing our online presence.

Legal basis for data processing

Insofar as we use cookies and similar technologies in the context of integrating the service or insofar as data is stored on your device or read from it by the service, this is done in accordance with Section 25 (2) TDDDG. Any subsequent data processing is carried out on the basis of Art. 6 (1) sentence 1 (f) GDPR. Our legitimate interest lies in technically improving our website and making our online presence available efficiently.

Recipients

In the context of the use of the service, the data collected via our websites is transmitted to the following recipients:

Webflow, Inc. 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA.

We generally have no influence on any further data processing by the third‑party provider.

You can find further information on the handling of personal data by Webflow at https://webflow.com/legal/privacy and at https://webflow.com/legal/eu‑privacy‑policy.

Data processing in third countries

The processing of your data may, when using the service, also take place in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries, particularly in the USA.

For data transfers to the USA, there is an adequacy decision of the EU Commission pursuant to Art. 45 para. 1 GDPR with regard to companies with certification under the EU‑U.S. Data Privacy Framework, which can be viewed at the following link: Data protection adequacy for non‑EU countries.

Webflow, Inc. is certified under the EU‑U.S. Data Privacy Framework and is therefore committed to compliance with appropriate data protection standards, which can be viewed under the following link: Participant Search (dataprivacyframework.gov).

If your data is transferred to other third countries for which no adequacy decision exists, there is a risk that authorities there may access your data for security and monitoring purposes without informing you or allowing you to seek legal remedy.

In order to ensure an appropriate level of data protection when transferring your data to third countries, standard data protection clauses of the European Commission pursuant to Art. 46 para. 2 lit. c GDPR are concluded. These oblige the recipient of the data to process it in accordance with the European level of protection.

If the standard data protection clauses are not sufficient to ensure the level of protection, additional technical, contractual or organisational measures are taken to secure the data transfer. In addition, it is regularly checked and assessed whether these additional measures continue to ensure an adequate level of data protection or whether further supplementary measures need to be taken.

Storage period

By integrating the services, data is transmitted to the above‑mentioned recipients and stored there for the duration of NUMBER months.

Any further storage of the data processed by the service and made available to us in our own systems takes place for the duration of NUMBER months.

3.1.2 Amazon CloudFront (in connection with Webflow)

To provide our website, we use Amazon CloudFront, a service of Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L‑1855 Luxembourg. The integration of the service is carried out by our hosting provider Webflow.

The aforementioned provider is the authorised EU representative of Amazon Web Services, Inc., P.O. Box 81226, Seattle, WA 98108‑1226, USA.

Description of data processing and purpose

Amazon CloudFront enables us to deliver data quickly to make our website available as optimally as possible. The service is a Content Delivery Network (CDN) operated by Amazon Web Services. The CDN uses proxy servers worldwide that allow companies to quickly and securely provide content such as web videos or other large media. To do this, proxy servers cache the files locally and thus improve the access speed when downloading. In practice this means: companies can offer data‑rich content on their websites that users can access without long waiting times.

In order to provide content from our websites via the service, your personal data is transmitted to Amazon Web Services. The data processed in particular includes:

your IP address,
the accessed website,
the referrer URL,
the browser used,
the operating system used.

We use the service in order to make our online presence as best and fastest available as possible.

Legal basis for data processing

Recipients

In the context of the use of the service, the data collected via our websites is transmitted to the following recipients:

Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L‑1855 Luxembourg,
Amazon Web Services, Inc., P.O. Box 81226, Seattle, WA 98108‑1226, USA.

We generally have no influence on any further data processing by the third‑party provider.

Further information on the handling of personal data by AWS can be found at https://aws.amazon.com/legal/privacy-policy/ and at AWS: Privacy Notice – 2023‑04‑01 DE.

3.3 Data processing in connection with cookies and similar technologies

3.3.1 Access to and storage of information in terminal device

By using our website, access to information (e.g. IP address) or storage of information (e.g. cookies) in your terminal devices may take place. This access or storage may be associated with further processing of personal data within the meaning of the GDPR.

In cases where such access to information or such storage of information is absolutely necessary for the technically error‑free provision of our services, this is based on Section 25 (1), (2) No. 2 TDDDG. Any subsequent data processing is carried out, where applicable, on the basis of Art. 6 (1) sentence 1 (f) GDPR.

In cases where such an operation serves other purposes (e.g. the needs‑based design of our website), it is carried out on the basis of Section 25 (1) TDDDG only with your consent pursuant to Art. 6 (1) sentence 1 (a) GDPR. Consent can be revoked at any time with effect for the future. The provisions of the GDPR and the Federal Data Protection Act (BDSG) apply to the processing of your personal data.

Further information on the processing of your personal data and on the relevant legal bases in this context can be found in the following sections on the specific processing activities on our website.

Data processing in third countries

The processing of your data may, when using the service, also take place in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries, particularly in the USA.

Storage period

By integrating the services, data is transmitted to the above‑mentioned recipients and stored there for the duration of NUMBER months.

Any further storage of the data processed by the service and made available to us in our own systems takes place for the duration of NUMBER months.

3.1.2 Amazon CloudFront (in connection with Webflow)

The aforementioned provider is the authorised EU representative of Amazon Web Services, Inc., P.O. Box 81226, Seattle, WA 98108‑1226, USA.

Description of data processing and purpose

In order to provide content from our websites via the service, your personal data is transmitted to Amazon Web Services. The data processed in particular includes:

your IP address,
the accessed website,
the referrer URL,
the browser used,
the operating system used.

We collect the listed data in order to ensure a smooth connection to the website and a technically error‑free provision of our services. The processing of this data is absolutely necessary in order to make the website available to you. The log files are used to analyse system security and stability as well as for administrative purposes.

Legal basis for data processing

The legal basis for the processing of the data is our legitimate interest in protecting and maintaining the functionality of our website pursuant to Art. 6 (1) sentence 1 (f) GDPR.

Storage period

For reasons of technical security, in particular to defend against attack attempts on our web server, this data is stored by us for a short period. After no later than 7 days, the data is anonymised by shortening the IP address at domain level so that it is no longer possible to establish a reference to an individual user.

In anonymised form, the data may also be processed for statistical purposes. Storage of this data together with other personal data of the user, comparison with other data sets or disclosure to third parties does not take place at any time.

3.3. Data processing in connection with cookies and similar technologies

3.3.1. Access to and storage of information in terminal devices

3.3.2 Cookies and Similar Technologies

We use services on this website that employ cookies and similar technologies to store data in your device’s browser and to read out already stored data. For this purpose, cookies, your browser’s local storage, pixels and so-called tags may be used.

Cookies are small text files that are stored on your device and can be read out.

A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which remain stored beyond the single session for a defined period.

In addition to cookies, we may also use your browser’s session storage or local storage to store and read data. We may embed pixels in our websites. Pixels are small, individualized image files that are loaded when a page is rendered and can be used to track user activities.

Finally, we may embed tags (markers) on our websites. Tags are small HTML or JavaScript code fragments or markers that enable website-analysis or user-tracking services to distinguish and identify users and follow specific user activities.

Further information about the cookies and similar technologies we use can be found in the descriptions of the cookie categories and in our consent-management platform “Usercentrics,” which is displayed to you when you visit our website. You can reopen “Cookie Settings” at the bottom of the website and change your selections.

Please note that our websites may not display correctly without certain cookies and similar technologies, and some functions may no longer be technically available.

3.3.2.2 Kategorie Essenziell

Services in this category may employ cookies and similar technologies to store and read information on your device. We use these to:

enable the display of the website and provide its core functions, in particular page navigation and access to secure areas,
enable the giving and withdrawal of consents,
protect our forms from abusive submissions,
protect our website from cyber-attacks and fraud attempts,
ensure the website is displayed.

Some of the cookies and similar technologies used only contain information about certain settings and are not personally identifiable. We do not use them for the purpose of tracking your interactions, measurement and statistical analysis, or advertising.

The use of these services and corresponding cookies and similar technologies in this category is based on Section 25 (2) nos. 1 and 2 TDDDG. Any subsequent data processing is based on Art. 6 (1) sentence 1 (f) GDPR.

3.3.2.3. Functional Category

Services or external content and media from third-party providers in this category may use cookies and similar technologies to store and read information on your device. We use them

to enable the loading of content and media from third-party providers,
to design and operate our websites in an appealing and efficient way for you, and
to provide you with certain settings and additional functionalities of the website.

The use of services and corresponding cookies and similar technologies in this category is based on your consent pursuant to § 25 para. 1 TDDDG. Subsequent data processing is based on your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.

3.3.2.4. Statistics Category

Services in this category may use cookies and similar technologies to store and read information on your device.
We use these

to count and differentiate individual website visitors and create statistical analyses of their interactions and use of our websites,
to tailor our websites to needs and adapt them to user interactions,
to test adjustments on the website and measure user response (A/B testing), and
to monitor the technical functionality of our website and enable error correction.

For this purpose, numbers and letters (existing individual pseudonymous identifiers [recognition features]) are regularly stored in cookies on your device when you visit our website and read again upon your return.

The use of pseudonyms makes individual identification and recognition of users possible. However, the natural person behind a pseudonym cannot usually be directly identified without further, additional data, particularly not by name.

Further technologies may also be used regularly to read recognition features from your device, such as in the case of so-called browser or device fingerprinting. This involves reading data from your browser (e.g. type and version of the browser) and its configuration (e.g. preferred language), from your device (e.g. manufacturer and model of your mobile phone, operating system), or from hardware you use (e.g. screen resolution) to recognize you as a distinct user under a pseudonym.

3.3.2.5. Marketing Category

Services in this category may use cookies and similar technologies to store and read information on your device.
We use these

to count and distinguish you as individual website visitors and to create statistical analyses regarding your interactions and usage of our websites,
to track your interactions with us via third-party providers on other websites through advertisements placed across different devices and websites (so-called conversion tracking),
to analyze and evaluate your interactions with our website and use these findings to target you or a specific audience to which you belong with appropriate advertising campaigns in the advertising network (so-called retargeting and remarketing),
to improve the effectiveness of our advertising measures and control our advertising campaigns.

For this purpose, numbers and letters representing existing, individual pseudonymous identifiers (recognition features) are regularly stored in cookies by us and the services used when you visit another website or our website, and are read again when you return to that website or another.

Additional technologies may regularly be used to read recognition features from your device, for example in the case of browser or device fingerprinting, where data from the browser you use (e.g. type and version), its configuration (e.g. preferred language), or properties of your device (e.g. manufacturer and model of your mobile phone, operating system) or hardware used by you (e.g. screen resolution) are used to recognize you as a distinct pseudonymous user.

Where applicable, processed pseudonymous recognition features may also be linked to such features from us or from providers of services used by us.

This means that the services and their providers can also exchange recognition features (ID) with each other and compare them to associate the same pseudonymous user via matching (so-called ID Matching/ID Syncing). This enables device-, platform-, and ad network–wide recognition and targeted communication with website visitors.

If you make yourself identifiable via your personal data such as name or email address or enter corresponding user data on our websites, or log into social networks or third-party services that also provide tracking and advertising capabilities, pseudonymous recognition features may additionally be linked with your personal data or user data.

In this way, we or the providers of services may create comprehensive pseudonymous or non-pseudonymous user profiles and evaluate and use them for targeted advertising based on your inferred interests.

3.4 Consent Management via Consent Management Platform Usercentrics

We use the consent management platform "Usercentrics" by Usercentrics GmbH, Sendlingerstr. 7, 80331 Munich, on our websites to manage your consents for the use of cookies and similar technologies.

Description of Data Processing and Its Purpose

We use the service to manage your consents regarding the use of cookies and similar technologies and the data processing operations that follow.

If you give or reject consents via our consent banner, the service processes the following data:

Your device information
- the description of the used web browser and operating system
- the language used by your browser and operating system
- device ID
Website and banner data
- the ID of the website operator and the address of the website on which you provide your consent
- the language of the consent banner
- the version of the banner template
IP address
geographic location
Consent data
- your consent ID for assigning and requesting your consent data
- the date and time of consent
- your consent status with regard to the cookies and similar technologies used or services deployed, serving as proof of your consent

This data is logged on the provider's servers. In the course of processing, data is also stored in session storage and local storage of the browser and a pixel is used to store your consent status on your device and to read it again during a new page visit.

In this way, we are able to check your consent status on all subsequent and future visits to our websites and, depending on your decision, activate or deactivate the use of cookies and other technologies on each new visit.

Legal Basis for Data Processing

If we use cookies and similar technologies as part of the integration of the service or if data is stored or read from your device by the service, this is done in accordance with § 25 para. 2 TDDDG. Subsequent data processing is carried out based on Art. 6 para. 1 sentence 1 lit. c GDPR in conjunction with Art. 5 para. 2 GDPR, or based on Art. 6 para. 1 sentence 1 lit. f GDPR to safeguard our legitimate interests.

Our legitimate interest lies in centrally managing the embedded cookies and services on our website and offering you a simple option to give and withdraw your consent in order to fulfill our legal obligations under § 25 TDDDG and our accountability obligations under Art. 5 para. 2 GDPR concerning your consent.

Recipients

As part of the use of the service, the data collected via our websites is transmitted to the following recipient:

Usercentrics GmbH, Sendlingerstr. 7, 80331 Munich.

Further information on the handling of personal data by the provider can be found at
https://usercentrics.com/de/datenschutzerklaerung/

Storage Duration

By integrating the services on our websites, data is transmitted to the above-mentioned recipient and processed there for as long as is necessary to achieve the stated purposes.
Any storage of the data processed by the service beyond this and provided to us in our own systems generally does not take place.
In individual cases, data on the time, status, and scope of your consent may be stored longer in our own systems, provided this is permissible for other purposes named in this declaration.

3.5 Google Tag Manager

We integrate the service "Google Tag Manager" from Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA, on our websites.

Within the European Union (EU) and the European Economic Area (EEA), the service is offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Description of Data Processing and Its Purpose

"Google Tag Manager" is a tag management system (TMS) that enables the integration and management of additional website content in JavaScript or HTML code.

In particular, tags can be integrated and managed on our website through it.
Tags are small code fragments or markers (web beacons, tracking pixels, or similar markers) that enable services to conduct website analysis or user tracking — including distinguishing or identifying users.

The analysis of website visits or user tracking is not carried out by "Google Tag Manager" itself but by the services it integrates for those purposes, such as "Google Analytics" or other third-party tools.
"Google Tag Manager" only facilitates the integration and management of the markers needed for this on our websites.

Since "Google Tag Manager" is provided by Google and content is reloaded from its servers when the page is accessed, usage data technically required for this page access is transmitted.
Google thereby receives the IP address technically required to retrieve the content.

Legal Basis for Data Processing

The legal basis for integrating and using this service is your consent, provided you have given it via our Consent Management Platform "Usercentrics."

The use of cookies and similar technologies is based on your consent pursuant to § 25 para. 1 TDDDG. Subsequent data processing is based on Art. 6 para. 1 sentence 1 lit. a GDPR.

Your consent is voluntary and can be revoked at any time with effect for the future.
To withdraw your consent, please use the “Cookie Settings” link at the bottom of the website or call up “Usercentrics” again and change your settings there.

Recipients

As part of the use of the service, the data collected via our websites is transmitted to the following recipients:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA

We have no control over further data processing by these third-party providers.

Further information on the handling of personal data by Google can be found at
https://policies.google.com/privacy?hl=de

Data Processing in Third Countries

The processing of your data when using this service may take place in countries outside the European Union (EU) and the European Economic Area (EEA), especially in the USA.

For data transfers to the USA, an adequacy decision of the EU Commission exists under Art. 45 para. 1 GDPR with regard to companies certified under the EU-U.S. Data Privacy Framework. You can access the list of certified companies via this link:
Data protection adequacy for non-EU countries

Google LLC is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards.
This can be viewed at the following link:
Participant Search (dataprivacyframework.gov)

If your data is transferred to other third countries without an adequacy decision, there is a risk that authorities may access your data for surveillance purposes without you being informed or able to seek redress.

To ensure an adequate level of data protection in such cases, standard contractual clauses of the European Commission pursuant to Art. 46 para. 2 lit. c GDPR are concluded. These oblige the data recipients to process the data in accordance with the European level of protection.

If the standard contractual clauses are not sufficient to ensure a level of protection, additional technical, contractual, or organizational measures will be taken. These are regularly reviewed to ensure that they continue to provide an adequate level of protection. Additional measures may be required if necessary.

Storage Duration

By integrating the service on our websites, data is transmitted to the above-mentioned recipients and processed there for as long as is necessary to achieve the stated purposes.

3.6 Google Analytics

We integrate the service Google Analytics from Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA, on our websites.

Within the European Union (EU) and the European Economic Area (EEA), the service is offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Description of Data Processing and Its Purpose

"Google Analytics" creates usage profiles based on pseudonyms (recognition features) from cookie and device ID data, and other data related to the device used or so-called browser fingerprinting and usage data (e.g. name and address of the site requested by your browser, referrer links, descriptions of the used web browser and operating system, as well as the IP address of the requesting device).

Also collected and analyzed are:

demographic data (such as continent, country, region, city, age, gender, and user interests)
data on your interactions with search engines or other websites
data on your interactions with our websites (visited subpages, timestamps of visits, button clicks, scroll depth, read depth, use of filters, search functions, forms, and other input and login options, data on products and services viewed on our websites)
data on your interactions with social media networks

This enables Google to recognize website visitors and their devices pseudonymously, count them, and assign them to specific demographic target groups, interest segments, or customer segments.

Visitors logged into their user accounts on Google platforms may be recognized by Google across devices and identified as visitors to our websites.

The data collection and processing on our websites is carried out using cookies and JavaScript code, which is loaded when the page is accessed and executed in your device’s browser.
With this JavaScript code, cookies can be stored in your device and various types of information read from your device or cookies stored there.

Details on the cookies and similar technologies used can be found above under “Data processing in connection with cookies and similar technologies”, as well as in the information provided via our Consent Management Platform "Usercentrics".

Google compiles aggregate statistics for us based on the processed data, which allow us to understand what interests users have, how many users visit which parts of our websites, and how they interact.

We only receive aggregated statistics from Google (aggregated data), from which we cannot identify individual users of the Google services.

We use this insight to later display target group–oriented online advertisements and marketing campaigns in advertising networks, particularly in the Google advertising network.

Legal Basis for Data Processing

The legal basis for the integration and use of the service is your consent, provided you have given it via our Consent Management Platform "Usercentrics".

The use of cookies and similar technologies is based on your consent pursuant to § 25 para. 1 TDDDG.
Subsequent data processing is based on Art. 6 para. 1 sentence 1 lit. a GDPR.

Your consent is voluntary and can be withdrawn at any time with effect for the future.
To revoke your consent, please use the “Cookie Settings” link at the bottom of the website or reopen "Usercentrics" and change your settings.

Recipients

As part of the use of the service, the data collected via our websites is transmitted to the following recipients:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA

We have no control over further data processing by these third-party providers.

Further information on the handling of personal data by Google can be found at
https://policies.google.com/privacy?hl=de

demographic data (such as continent, country, region, city, age, gender, and user interests)
data on your interactions with search engines or other websites
data on your interactions with our websites (visited subpages, timestamps of visits, button clicks, scroll depth, read depth, use of filters, search functions, forms, and other input and login options, data on products and services viewed on our websites)
data on your interactions with social media networks

This enables Google to recognize website visitors and their devices pseudonymously, count them, and assign them to specific demographic target groups, interest segments, or customer segments.

Visitors logged into their user accounts on Google platforms may be recognized by Google across devices and identified as visitors to our websites.

We only receive aggregated statistics from Google (aggregated data), from which we cannot identify individual users of the Google services.

We use this insight to later display target group–oriented online advertisements and marketing campaigns in advertising networks, particularly in the Google advertising network.

Legal Basis for Data Processing

The legal basis for the integration and use of the service is your consent, provided you have given it via our Consent Management Platform "Usercentrics".

The use of cookies and similar technologies is based on your consent pursuant to § 25 para. 1 TDDDG.
Subsequent data processing is based on Art. 6 para. 1 sentence 1 lit. a GDPR.

Recipients

As part of the use of the service, the data collected via our websites is transmitted to the following recipients:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA

We have no control over further data processing by these third-party providers.

Further information on the handling of personal data by Google can be found at
https://policies.google.com/privacy?hl=de

Data Processing in Third Countries

The processing of your data may, when using the service, also take place in countries outside the European Union (EU) and the European Economic Area (EEA), in third countries, particularly in the USA.

For data transfers to the USA, there is an adequacy decision of the EU Commission pursuant to Art. 45 para. 1 GDPR regarding companies certified under the EU-U.S. Data Privacy Framework, which can be viewed at the following link:
Data protection adequacy for non-EU countries

Google LLC is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed under the following link:
Participant Search (dataprivacyframework.gov)

If your data is transferred to other third countries where no adequacy decision exists, there is a risk that local authorities may access your data for security and monitoring purposes without informing you or allowing you to seek legal remedy.

To ensure an adequate level of data protection when transferring your data to such third countries, standard contractual clauses of the European Commission pursuant to Art. 46 para. 2 lit. c GDPR are concluded.
These obligate the recipients to process the data in accordance with European data protection standards.

If the standard contractual clauses are not sufficient to ensure the level of protection, additional technical, contractual, or organizational measures are taken. These are regularly reviewed to determine whether they ensure a sufficient level of protection or whether additional safeguards are required.

Storage Duration

By integrating the services on our websites, data is transmitted to the above-mentioned recipients and stored there for a period of 14 months.
Any storage of the data processed by the service and provided to us in our own systems beyond this does not take place.

3.7 Google Advertising Services and Features

Google Ads, Google Ads Conversion Tracking, Google Marketing Platform (formerly Google DoubleClick), Google AdSense, Google Ads Remarketing.

We integrate Google advertising services and features from
Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA, on our websites.

Within the European Union (EU) and the European Economic Area (EEA), these services are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Description of Data Processing and Its Purpose

We use Google marketing services and features such as Google Ads, Google Ads Conversion Tracking, Google Ads Retargeting, and the Google Marketing Platform to display targeted advertisements for our products and services through Google’s ad network, and to measure how successful these ad campaigns are.

The data collection and processing on our websites is carried out using cookies and JavaScript code, which is loaded and executed in your device’s browser when the page is accessed.
This JavaScript code can store cookies in your device and read various types of information from your device and from stored cookies.

Details on the cookies and similar technologies used can be found above under "Data processing in connection with cookies and similar technologies", as well as via the information you can access through our

Consent Management Platform "Usercentrics".

Google is thereby able to pseudonymously recognize website visitors and the devices they use.
Visitors who have their own Google account and are logged into Google platforms can additionally be identified across devices as visitors to our websites.

If you click on an ad placed by us via Google, cookies for conversion tracking are set by Google or third-party providers. These cookies are read when you access our site.
Data from the original website or app may be processed — such as search terms (keywords) you may have entered into a search engine, which ad or group of ads you clicked, and which of our online marketing campaigns the ad was associated with.

Subsequently, we collect data on our websites regarding how you have used the site and interacted with its content — for example, which subpages were accessed, which content was clicked or ignored, which forms or dialogs were used.
The act of triggering a specific user action after clicking on an ad is referred to as a conversion.

When "Google Analytics" is used alongside, we can evaluate your behavior even more precisely using the combined data.

Google compiles aggregated statistics for us as part of Google Ads Conversion Tracking, Google Ads, and the Google Marketing Platform, which allow us to understand how users interacted with our ads and which campaigns were successful.
We receive only aggregated data (not tied to individuals) and cannot draw conclusions about any specific person.

We use this information to optimize our ad campaigns and control our ad strategy through Google’s advertising tools.

Google Ads Remarketing also allows us to show interest-based and audience-specific ads based on your continued internet usage — specifically based on websites and content you’ve visited, how you interacted with them, and what actions (conversions) you’ve taken.

Legal Basis for Data Processing

The legal basis for integrating and using this service is your consent, provided via our Consent Management Platform "Usercentrics."

The use of cookies and similar technologies is based on your consent pursuant to § 25 para. 1 TDDDG.
Subsequent data processing is based on Art. 6 para. 1 sentence 1 lit. a GDPR.

Your consent is voluntary and may be withdrawn at any time with effect for the future.
To withdraw your consent, use the “Cookie Settings” link at the bottom of the website or re-open "Usercentrics" to update your preferences.

Recipients

As part of using these services, data collected via our website is transmitted to the following recipients:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA

We have no control over any further data processing by these third-party providers.

Further information on how Google handles personal data can be found at:
https://policies.google.com/privacy?hl=de

Data Processing in Third Countries

The processing of your data may also take place in countries outside the European Union (EU) and the European Economic Area (EEA), particularly in the USA.

For data transfers to the USA, there is an adequacy decision of the EU Commission pursuant to Art. 45 para. 1 GDPR with regard to companies certified under the EU-U.S. Data Privacy Framework, which can be viewed at the following link:
Data protection adequacy for non-EU countries

Google LLC is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link:
Participant Search (dataprivacyframework.gov)

If your data is transferred to other third countries for which no adequacy decision exists, there is a risk that authorities in those countries may access your data for security and surveillance purposes, without informing you or allowing you to seek legal remedy.

To ensure an appropriate level of data protection in the event of data transfers to a third country, standard contractual clauses of the European Commission pursuant to Art. 46 para. 2 lit. c GDPR are used.
These require the recipient to process the data in accordance with the level of protection guaranteed by the GDPR.

If the standard contractual clauses are not sufficient to ensure the necessary level of protection, additional technical, contractual, or organizational measures will be implemented to safeguard the data transfer.
These measures are regularly reviewed and evaluated to ensure that they continue to provide an adequate level of data protection or whether additional supplementary steps must be taken.

Storage Duration

By integrating the services on our websites, data is transmitted to the above-mentioned recipients and processed there for as long as is necessary to achieve the specified purposes.
Any further storage of the data processed by the service and made available to us in our own systems does not take place.

3.8 Microsoft Advertising (Bing Ads)

We integrate the service "Microsoft Advertising (Bing Ads)" of Microsoft Corporation, One Microsoft Way, Redmond WA 94043, USA, on our websites.

In the European Union (EU) and in the European Economic Area (EEA), the service is provided by
Microsoft Ireland Operations, Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.

Description of Data Processing and Its Purpose

We use this service on our websites to measure how successful the advertisements placed via Microsoft Advertising (Bing Ads) are.
For this purpose, we track how website visitors interact with the ads and how they subsequently use our websites.
This constitutes conversion tracking, i.e., tracking whether an advertisement leads to a specific action by the website visitor, with the goal of managing and optimizing our online marketing activities.

If one of our Microsoft Advertising (Bing Ads) ads is shown to you on other websites and you click on it, those websites store tracking cookies based on your consent.
These websites store the cookies based on your previously given consent, and link them to a pseudonymous ID on your device.
If you visit our website within the cookie's storage period, the cookie is read.

Additionally, when you access our websites, pseudonymous cookies are stored on your device to track your page views and interactions with our websites.

In this way, Microsoft can determine whether one of our displayed ads was shown to you, whether you clicked on it, and how you used our website afterward.

- Data about website access
  - IP address
  - Timestamp
  - Time zone
- Data about the device used to access the website
  - Hardware characteristics of the device
  - Operating system information
  - Browser information
  - Language settings of the device
  - Pseudonymous recognition feature of the device
- Data about the displayed advertisement
  - Data about the website where the ad was shown
  - Click of the website visitor on the ad
- Data on usage behavior on our websites
  - Pages visited
  - Duration and number of visits
  - Mouse movements
  - Click path
  - Successful execution of a defined target action by the website visitor (conversion)
From this information, Microsoft creates statistics for us that show how many users responded to our ads and in what way.
Based on these statistics, we can optimize our advertising campaigns and steer our advertising strategy.Legal Basis for Data ProcessingThe legal basis for the integration and use of the service is your consent, provided you have given it via our
Consent Management Platform "Usercentrics."The use of cookies and similar technologies is based on Section 25 (1) TDDDG.
Subsequent data processing is based on Art. 6 para. 1 sentence 1 lit. a GDPR.Your consent is voluntary and can be withdrawn at any time with effect for the future.
To withdraw your consent, please use the link "Cookie Settings" at the bottom of the website or reopen "Usercentrics" and adjust your settings there.Data Processing in Third CountriesThe processing of your data may involve the use of the service in countries outside the European Union (EU) and the European Economic Area (EEA), in particular the USA.For data transfers to the USA, there is an adequacy decision of the EU Commission pursuant to Art. 45 para. 1 GDPR with respect to companies certified under the EU-U.S. Data Privacy Framework, which can be accessed at the following link:
Data protection adequacy for non-EU countriesMicrosoft Corporation is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be accessed at the following link:
Participant Search (dataprivacyframework.gov)If your data is transferred to other third countries where no adequacy decision exists, there is a risk that authorities in those countries may access your data for security and surveillance purposes without informing you or allowing you to seek legal remedy.To ensure an adequate level of data protection when transferring your data to such third countries,
standard contractual clauses of the European Commission pursuant to Art. 46 para. 2 lit. c GDPR are used.
These obligate the data recipients to process the data in compliance with the protection level of the EU.If these standard contractual clauses are not sufficient to ensure the required level of protection, additional technical, contractual, or organizational safeguards will be implemented.
These are regularly reviewed and assessed to ensure that they continue to guarantee an adequate level of protection, or whether further supplementary measures need to be taken.

Recipients

As part of the use of the service, the data collected via our website is transmitted to the following recipients:

Microsoft Ireland Operations, Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland
Microsoft Corporation, One Microsoft Way, Redmond, WA 94043, USA

We generally have no influence over any further data processing by this third-party provider.

Further information on the handling of personal data by Microsoft can be found at:
https://privacy.microsoft.com/de-de/privacystatement

Storage Duration

By integrating the service on our websites, data is transmitted to the above-mentioned recipients and stored there for as long as necessary to achieve the stated purposes.

3.9 Contact Form and General Inquiries via E-mail

Description of Data Processing and Its Purpose

If you send us inquiries via the contact form or e-mail, the information you provide in the inquiry form or your e-mail—including the personal data you enter—will be processed for the purpose of handling your request and any follow-up questions.

Providing an e-mail address is required in order to contact you.
Providing your first and last name and your phone number is optional.
We will never share this data without your consent.

Legal Basis for Data Processing

The legal basis for processing your data is our legitimate interest in responding to your inquiry pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.
If your inquiry is aimed at concluding a contract, then additionally Art. 6 para. 1 sentence 1 lit. b GDPR applies.

Recipients

We only share your personal data within our organization with those departments or individuals who need this data to fulfill contractual or legal obligations, or to pursue our legitimate interest.

We may transmit your personal data to affiliated companies, insofar as this is legally permitted and in line with the purposes and legal bases outlined in this privacy policy.

Your personal data is processed on our behalf under data processing agreements pursuant to Art. 28 GDPR.
In such cases, we ensure that the processing of personal data is in accordance with the GDPR.
Typical recipients include internet service providers and providers of customer management systems and software.

Your personal data is only transferred to recipients outside our organization if legally permitted, required for contract fulfillment, or based on your explicit request.
For example, this may be necessary to process your request, perform pre-contractual measures, or fulfill our legal obligation to provide information, provided you have given consent or a legal basis permits this.

Unter diesen Bedingungen können beispielsweise folgende Personen Empfänger personenbezogener Daten sein:

External tax advisors
Public authorities and institutions (e.g. public prosecutor’s office, police, supervisory authorities, tax office) in the event of a legal or official obligation,
Recipients to whom the transfer is directly necessary for the initiation or fulfillment of a contract,
Other data recipients, if you have given us your consent to the data transfer.

Data Processing in Third Countries

The processing of your data may involve the use of the service in countries outside the European Union (EU) and the European Economic Area (EEA), especially in the USA.

For data transfers to the USA, there is an adequacy decision of the EU Commission pursuant to Art. 45 para. 1 GDPR with regard to companies certified under the EU-U.S. Data Privacy Framework.

The recipient is certified under the EU-U.S. Data Privacy Framework and is therefore committed to compliance with appropriate data protection standards, which can be viewed at the following link:
Participant Search (dataprivacyframework.gov)

If your data is transferred to other third countries where no adequacy decision exists, there is a risk that local authorities may access your data for security and surveillance purposes without informing you or allowing you to seek legal remedy.

To ensure an adequate level of data protection for the transfer of your data to a third country,
standard contractual clauses of the European Commission pursuant to Art. 46 para. 2 lit. c GDPR are concluded.
These obligate the data recipient to process the data in compliance with the EU level of protection.

If the standard contractual clauses are not sufficient to guarantee the level of protection, additional technical, contractual, or organizational measures are taken to secure the data transfer.
These are regularly reviewed and assessed to ensure they continue to provide an adequate level of protection or whether further supplementary measures are necessary.

Storage Duration

Your data will be deleted after final processing of your inquiry, unless further contact is expected and provided no statutory retention obligations oppose deletion.

3.10. Web Forms for Collecting Advertising Data, HubSpot

On our websites, we collect personal data through various web forms for the purpose of advertising communication — to promote our products, goods, or services through direct marketing.

These may include forms

for signing up for newsletters, webinars, or events,
for booking consultation or product demo appointments,
for downloading whitepapers and other documents.

To collect this data, we use forms from the lead generation and marketing platform HubSpot on our websites.

Further information on how your data is processed for advertising purposes and how HubSpot handles personal data can be found in the following section of this privacy policy.

4. Data Protection Information for Customers and Other Contractual or Business Partners as well as Interested Parties

4.1. Contract Initiation, Execution, Fulfillment and for the Implementation of Pre-contractual Measures (General)

Description of the Data Processing and Its Purpose

We process your personal data if it is required for the initiation, execution, fulfillment of a contract or for the implementation of pre-contractual measures.

We process such data related to the initiation or pre-contractual measures. This may include general data about you or persons in your company (name, address, contact details, etc.) as well as any other data you provide us in the context of contract formation.

Legal Basis for Data Processing

If personal data is required for the initiation or execution of a contractual relationship or in the context of the implementation of pre-contractual measures, the processing is lawful pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR.

Sources

We process personal data provided to us in the context of establishing contact or forming a contractual relationship, or in the course of pre-contractual measures — by mail, phone, or email — or through forms on our website or via our social media profiles.

Recipients

We disclose personal data within our company exclusively to departments and individuals who need it to fulfill contractual or legal obligations or for the realization of our legitimate interests.

We may transfer your personal data to affiliated companies if permitted by the purposes and legal basis set out in this privacy notice.

Your personal data is processed on our behalf based on data processing agreements pursuant to Art. 28 GDPR. In such cases, we ensure that the processing of personal data is carried out in compliance with the provisions of the GDPR. In this case, the categories of recipients are IT service providers and providers of customer management systems and software.

Any transmission of data to recipients outside the company only occurs if permitted or required by law, e.g. for contract fulfillment, upon your request, for the implementation of pre-contractual measures, or if your consent has been given or we are authorized to provide information.

Under these conditions, recipients of personal data may include, for example:

External tax advisors
Public authorities and institutions (e.g. public prosecutor’s office, police, supervisory authorities, tax office) in the event of a legal or regulatory obligation
Recipients to whom the transfer is directly necessary for contract initiation or fulfillment
Other data recipients, if you have provided consent for the transfer

Retention Period

If necessary, we process and store your personal data for the duration of our business relationship or for the fulfillment of contractual purposes. This also includes the initiation and execution of a contract.

Additionally, we are subject to various retention and documentation obligations, which arise from legal regulations such as the German Commercial Code (HGB) and the German Fiscal Code (AO). The prescribed retention or documentation periods range from two to ten years.

Finally, the retention period is also determined by the statutory limitation periods, which according to §§ 195 et seq. of the German Civil Code (BGB), are generally three years but can also be up to thirty years in certain cases.

Necessity of Providing Personal Data

Providing personal data for deciding on the conclusion of a contract, its execution, or the implementation of pre-contractual measures is generally voluntary. However, we may only make decisions within the framework of contractual measures if you provide the personal data necessary for entering into a contract, executing the contract, or carrying out pre-contractual measures.

4.2. Booking Demo Appointments with Demodesk

You can schedule a non-binding consultation or a product demo through our website.

For this purpose, we use the service "Demodesk Scheduling" provided by the company Demodesk GmbH, Franz-Joseph Straße 9, 80801, Munich, Germany.

Description of the Data Processing and Its Purpose

We use Demodesk Scheduling to enable prospective customers to book appointments with us. Demodesk uses cookies to facilitate this process.

In addition to your preferred time and company name, the following personal data is also processed by Demodesk:

First and last name
Email address
Phone number

Legal Basis for Data Processing

The legal basis for the processing of personal data is Art. 6 para. 1 sentence 1 lit. b GDPR, if the person booking the appointment is our contractual partner. Otherwise, Art. 6 para. 1 sentence 1 lit. f GDPR applies if the booking is made by a contact person of a contractual partner.

Thus, the legal bases for processing are Art. 6 para. 1 sentence 1 lit. b GDPR and Art. 6 para. 1 sentence 1 lit. f GDPR.

Our legitimate interest lies in offering a non-binding consultation with you as a potential customer or contact person of a potential customer, and possibly taking further pre-contractual steps.

Recipients

In the course of using the service, the data collected through our website is transmitted to the following recipient:

Demodesk GmbH, Franz-Joseph Straße 9, 80801, Munich, Germany.

Further information about how Demodesk processes data can be found here:
https://demodesk.com/legal/privacy-policy-platform

Retention Period

By using the service, data is transferred to the aforementioned recipients and stored there for as long as necessary to achieve the stated purposes.

If necessary, we process and store your personal data for the duration of our business relationship or for the fulfillment of contractual purposes.

In addition, your data will be deleted once timely telephone contact has taken place with you, was unsuccessful, or did not lead to the conclusion of a contract.

4.3. Booking Audit Appointments with Microsoft Booking

To book online appointments, we use the service "Microsoft Bookings" from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

Within the European Union (EU) and the European Economic Area (EEA), the service is offered by Microsoft Ireland Operations, Ltd, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.

Description of the Data Processing and Its Purpose

In the context of appointment booking, we process mandatory information (first and last name, email address) of the person booking, as well as optional information such as address, phone number, company name, information on the auditing affiliated company, and the language of the audit meeting.

We use the service to enable you to book audit and review appointments online and to make appointment scheduling and management more efficient.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b GDPR, where the person booking is our contractual partner, or Art. 6 para. 1 sentence 1 lit. f GDPR if the booking is made by a contact person of a contractual partner.

Our legitimate interest lies in fulfilling our contractual services.

Recipients

As part of using the service, the data collected via our website is transmitted to the following recipients:

Microsoft Ireland Operations, Ltd, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland,
Microsoft Corporation, One Microsoft Way, Redmond, WA 94043, USA.

Data Processing in Third Countries

Your data may be processed in countries outside the European Union (EU) and the European Economic Area (EEA), in particular in the USA.

For data transfers to the USA, there is an adequacy decision by the EU Commission pursuant to Art. 45 para. 1 GDPR with regard to companies certified under the EU-U.S. Data Privacy Framework, which can be viewed at the following link: Data protection adequacy for non-EU countries.

Microsoft Corporation is certified under the EU-U.S. Data Privacy Framework and therefore commits to complying with appropriate data protection standards, which can be reviewed at the following link: Participant Search (dataprivacyframework.gov).

If your data is transferred to other third countries for which there is no adequacy decision, there is a risk that local authorities may access your data for security and surveillance purposes without informing you or allowing you to seek legal remedy.

If your data is transferred to other third countries for which there is no adequacy decision, there is a risk that authorities in those countries may access your data for security and surveillance purposes without informing you or providing you with legal remedies.

To ensure an adequate level of data protection when transferring your data to a third country, standard data protection clauses issued by the European Commission in accordance with Art. 46 para. 2 lit. c GDPR are used. These clauses obligate the data recipient to process the data in compliance with the protection level required under EU law.

If standard data protection clauses are not sufficient to ensure an adequate level of protection, additional technical, contractual, or organizational measures are taken to secure the data transfer. Furthermore, regular assessments are conducted to determine whether these additional measures still provide an adequate level of data protection or if further supplementary steps are necessary.

Retention Period

When using the service, data is transferred to the above-mentioned recipients and stored for as long as necessary to achieve the stated purposes.

If necessary, we process and store your personal data for the duration of our business relationship or for fulfilling contractual obligations.

4.4. Conducting Product Demonstrations with Storylane

On our websites, we use the service "Storylane" provided by Storylane Inc., 2261 Market Street #4813, San Francisco, CA 94114, USA.

Description of the Data Processing and Its Purpose

We use this service to offer an interactive demo of our software on our website. This is intended to give interested users the opportunity to easily gain insight into our software and experience its features themselves.

When using the service, personal data is processed to provide the software demo, such as the IP address of the website visitor. During the demo, users may contact us via a corresponding form.

Additionally, information about the user’s interaction with the demo is collected, including:

Duration of interaction
Region of access
Time of access
Progress in the demo
Clicks on contact options

This data helps us optimize the software demo and measure the success of customer acquisition and engagement.

Legal Basis for Data Processing

The legal basis for using this service is your consent, provided through our Consent Management Platform “Usercentrics”.

The use of cookies and similar technologies is based on Section 25 para. 1 TDDDG. The subsequent data processing is based on Art. 6 para. 1 sentence 1 lit. a GDPR.

Your consent is given voluntarily and may be withdrawn at any time with future effect. To withdraw your consent, please use the link "Cookie Settings" at the bottom of the website or reopen our Consent Management Platform “Usercentrics” to modify your preferences.

Recipients

In the context of using the service, the following recipients receive your data:

Storylane Inc., 2261 Market Street #4813, San Francisco, CA 94114, USA

We generally have no influence on further data processing by the third-party provider.

Further information on the handling of personal data by the service provider can be found here:
Privacy Policy - Storylane | Interactive Product Demos

Data Processing in Third Countries

Your data may be processed in countries outside the European Union (EU) and the European Economic Area (EEA), especially in the USA.

To ensure an adequate level of data protection when transferring data to third countries, standard contractual clauses of the European Commission according to Art. 46 para. 2 lit. c GDPR are used. These oblige the recipient to process the data in compliance with the level of protection equivalent to that of the EU.

If these standard contractual clauses are not sufficient to guarantee data protection, additional technical, contractual, or organizational measures are implemented. These safeguards are regularly reviewed and evaluated to ensure their effectiveness or to determine whether further supplementary actions are required.

Retention Period

By using the service, data is transferred to the recipient mentioned above and stored for a maximum duration of 90 days.

4.5. Conducting Webinars with GoTo Webinar

To conduct our webinars, we use the GoTo Webinar service from GoTo Technologies Ireland Unlimited Company,
77 Sir John Rogerson's Quay, Block C, Suite 207, Grand Canal Docklands, Dublin 2, D02 VK60, Ireland.

Description of the Data Processing and Its Purpose

When using the service, the data you provide for participation is processed, along with technical connection data related to:

Duration of the session
Established connections
Hardware and equipment used
IP addresses
Location
Language settings
Operating system
Device identifiers

Additionally, diagnostic data may be processed for troubleshooting issues during the webinar.

The service is used to conduct webinars and enable your participation.

Legal Basis for Data Processing

The legal basis for processing your data is Art. 6 para. 1 sentence 1 lit. b GDPR if the participant is our contractual partner, or Art. 6 para. 1 sentence 1 lit. f GDPR if the participant represents a customer or contractual partner. Our legitimate interest lies in fulfilling our contractual services.

Recipients

GoTo Technologies Ireland Unlimited Company,
77 Sir John Rogerson's Quay, Block C, Suite 207,
Grand Canal Docklands, Dublin 2, D02 VK60, Ireland.

Retention Period

By using the service, data is transmitted to the aforementioned recipients and stored for as long as required to achieve the specified purposes.

If necessary, we process and store your personal data for the duration of our business relationship or for fulfilling contractual obligations.

4.6. Data Processing for Marketing Purposes

We process your personal data to contact you by mail, phone, or email for direct marketing purposes, to analyze prospect data, conduct market research, and carry out customer satisfaction surveys.

4.6.1. Data Collection

4.6.1.1. Web Forms for Marketing Data Collection

On our websites, we collect personal data via various web forms to target you with advertising, promote the sale of our products, goods, or services through direct marketing.

This may include forms:

for newsletter, webinar, or event registration,
for booking product demonstrations, or
for downloading whitepapers and other documents.

Further information regarding the scope of data processing, purposes, legal bases, recipients, and storage duration of the collected data can be found in the following sections.

4.6.1.2. Trade Fair Forms for Marketing Data Collection

Description of the Data Processing

At trade fairs, we may collect personal data via analog or digital forms to target you with advertising, promote the sale of our products, goods, or services through direct marketing.

Further information regarding the scope of data processing, purposes, legal bases, recipients, and storage duration of the collected data can be found in the following sections.

4.6.2. Email Marketing

4.6.2.1. Marketing to Existing Customers

Description of the Data Processing and Its Purpose

We process your personal data (title, first name, last name, business email address for business contacts or private email address for consumers) that we received in connection with a contractual agreement. The purpose, and our legitimate interest, is to send you or your company personalized direct marketing emails about similar products, goods, or services related to the previous contractual agreement.

Legal Basis for Data Processing

The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. f GDPR. As we comply with the exception rule requirements of § 7 para. 3 of the German Act Against Unfair Competition (UWG), and only process such personal data to achieve the stated purpose that is closely related to your business activity, our legitimate interest prevails. You can object to this processing at any time if our interest does not outweigh your rights.

Sie können der Datenverarbeitung jederzeit mit Wirkung für die Zukunft widersprechen, ohne dass hierfür andere als die Übermittlungskosten nach den Basistarifen entstehen. Um IhrWiderspruchsrecht auszuüben, nutzen Sie bitte den Abmelde link in unseren werblichen E-Mails oder wenden Sie sich an

info@alliance-nuernberg.de

Recipients

As part of data processing, your data is transferred to the following recipients:

HubSpot Ireland Limited, 1 Sir John Rogerson's Quay, Dublin 2, Ireland
HubSpot, Inc., 2 Canal Park, Cambridge, MA 02141, USA.

Data Processing in Third Countries

Your data may be processed in third countries outside the European Union (EU) and the European Economic Area (EEA), in particular in the USA.

For data transfers to the USA, an adequacy decision by the EU Commission under Art. 45 para. 1 GDPR applies with regard to companies certified under the EU-U.S. Data Privacy Framework. This list is available at the following link: Data protection adequacy for non-EU countries.

HubSpot Inc. is certified under the EU-U.S. Data Privacy Framework and therefore committed to complying with appropriate data protection standards. The list of certified companies can be accessed via: Participant Search (dataprivacyframework.gov).

If your data is transferred to third countries without an adequacy decision, there is a risk that authorities in those countries may access your data for security or surveillance purposes without you being informed or having legal remedies.

To ensure an adequate level of data protection, Standard Contractual Clauses (SCCs) by the European Commission pursuant to Art. 46 para. 2 lit. c GDPR are used. These oblige the recipient to process the data in accordance with the EU level of protection.

If SCCs are not sufficient to guarantee an adequate protection level, additional technical, contractual, or organizational measures are taken. These measures are reviewed regularly to ensure adequate protection or supplemented as needed.

Retention Period

We retain your data as long as it is necessary for the stated purposes or until you object to processing. After that, your data will be deleted unless another legal basis justifies or requires further storage (e.g., in the case of statutory retention obligations).

4.6.2.2. Consent to Receiving Marketing Emails and Newsletters, E-Mail Tracking

Description of the Data Processing and Its Purpose

We also process your personal data (salutation, first name, last name, business email address for business contacts) to send you or your company personalized email marketing or newsletters to promote and inform you about our products, goods, services, and offers — provided you have given your explicit consent for this.

If you give consent, we may also track whether you received and opened our marketing emails, how you interacted with them, especially which links you clicked on, and to what extent you engaged with the content of our emails (newsletter tracking).

Recipients

As part of data processing, your data is transmitted to the following recipients:

HubSpot Ireland Limited, 1 Sir John Rogerson's Quay, Dublin 2, Ireland
HubSpot, Inc., 2 Canal Park, Cambridge, MA 02141, USA

Data Processing in Third Countries

Your data may be processed in countries outside the European Union (EU) and the European Economic Area (EEA), particularly in the USA.

For data transfers to the USA, there is an adequacy decision by the EU Commission in accordance with Art. 45(1) GDPR concerning companies certified under the EU-U.S. Data Privacy Framework. This can be viewed at: Data protection adequacy for non-EU countries

HubSpot Inc. is certified under the EU-U.S. Data Privacy Framework and is therefore obligated to comply with appropriate data protection standards. You can verify certification via: Participant Search (dataprivacyframework.gov)

If your data is transferred to third countries without an adequacy decision, there is a risk that local authorities may access your data for security and surveillance purposes without informing you or giving you legal remedies.

To ensure an adequate level of data protection, EU Standard Contractual Clauses (SCCs) in accordance with Art. 46(2)(c) GDPR are concluded with the recipients. These obligate the recipients to process data in compliance with the EU’s data protection level.

If SCCs are not sufficient to guarantee protection, additional technical, contractual, and organizational measures are taken to safeguard data transfers. These measures are regularly reviewed and assessed to ensure a sufficient level of protection is maintained or supplemented where needed.

Retention Period

We store your data as long as necessary to achieve the specified purposes or until you object to the processing. Once the purpose no longer applies and no other legal basis requires continued storage (e.g. legal retention obligations), we delete your data.

4.6.2.3. Consent to Receive Promotional Emails in Exchange for Permanent Access to Webinars, Whitepapers, Guides, Checklists, and Other Templates

Description of Data Processing and Purpose

We also process your personal data (title, first name, last name, business email address for business contacts) to target you or your company with personalized promotional emails and newsletters to inform you about our products, services, and offers—provided you have given us separate explicit consent to do so.

If you give your consent, you also allow us to process data on how you interact with our marketing emails. This includes whether you open emails, how you engage with content, which links are clicked, and whether emails are read completely or not (email tracking).

Legal Basis for Data Processing

The legal basis for this processing is Art. 6(1)(1)(a) GDPR, where you provide consent in return for access to our webinars, whitepapers, guides, checklists, and other templates. Email tracking is also based on your consent in accordance with Art. 6(1)(1)(a) GDPR.

You may withdraw your consent to data processing for marketing purposes at any time. This does not affect the legality of processing done prior to your withdrawal. To withdraw consent, use the unsubscribe link in the email or contact us using the contact information provided in the newsletter or this privacy notice.

Recipients

As part of data processing, your data is transmitted to the following recipients:

HubSpot Ireland Limited, 1 Sir John Rogerson's Quay, Dublin 2, Ireland
HubSpot, Inc., 2 Canal Park, Cambridge, MA 02141, USA

Data Processing in Third Countries

Your data may be processed in countries outside the European Union (EU) and the European Economic Area (EEA), particularly in the USA.

Data Transfer to Third Countries

The processing of your data may involve the use of services in countries outside the European Union (EU) and the European Economic Area (EEA), particularly in the USA.

For data transfers to the USA, there is an adequacy decision of the EU Commission pursuant to Art. 45 (1) GDPR regarding companies certified under the EU-U.S. Data Privacy Framework, which can be viewed at the following link:
Data protection adequacy for non-EU countries.

HubSpot Inc. is certified under the EU-U.S. Data Privacy Framework and thus commits to complying with appropriate data protection standards, which can be viewed at the following link:
Participant Search (dataprivacyframework.gov).

If your data is transferred to third countries for which no adequacy decision exists, there is a risk that authorities in those countries may access your data for security and surveillance purposes without informing you or allowing you legal recourse.

To ensure an adequate level of data protection during the transfer of your data to third countries, standard contractual clauses issued by the European Commission pursuant to Art. 46 (2) c GDPR are used. These obligate the recipients of the data to process them in accordance with the European level of data protection.

If the standard contractual clauses are not sufficient to ensure an adequate level of protection, additional technical, contractual, or organizational measures are taken to safeguard the data transfer. Additionally, it is regularly reviewed and assessed whether these supplementary measures continue to provide an adequate level of protection or if further supplementary measures are required.

Storage Duration

We store your data as long as it is necessary to fulfill the aforementioned purpose or until you object to the data processing. Afterwards, we delete your data unless data processing is still permitted or required under another legal basis (e.g., in the case of statutory retention obligations).

4.6.3. Telephone Advertising Measures

Description of the Data Processing and its Purpose

If you are a business contact, we process your business telephone number. If you are a consumer, we process your private telephone number in order to contact you or your company in a personalized manner by phone and to inform you about our products, goods, services, and offers.

Legal Basis for Data Processing for Business Contacts

For business contacts, the legal basis for processing is Art. 6 (1) sentence 1 lit. f GDPR. Our legitimate interest lies in promoting the sale of our products, goods, and services through direct advertising.

As we comply with the requirements of the exemption provision under § 7 para. 3 UWG and process only such personal data as necessary to achieve the purpose and which are related to your professional activity, our legitimate interest in processing prevails, unless you have objected to the processing.

You can object to data processing at any time with effect for the future, without incurring any costs other than transmission costs according to the basic rates. To exercise your right to object, please use the contact details provided above under Responsible Party.

Legal Basis for Data Processing for Consumers

For consumers, the legal basis for processing is your consent under Art. 6 (1) sentence 1 lit. a GDPR in conjunction with § 7 para. 1 UWG. Your consent is voluntary and can be revoked at any time with future effect. Revoking your consent does not affect the lawfulness of the processing carried out based on the consent before its withdrawal. To exercise your right of withdrawal, please use the contact details provided above under Responsible Party.

Storage Duration

We store your data as long as it is necessary to achieve the aforementioned purposes or until you object to data processing. Afterwards, we delete your data, unless data processing is still permitted or required based on another legal basis (e.g., due to statutory retention obligations).

4.6.4. Statistical Analysis and Evaluation of Customer and Prospect Data, Market Research and Customer Satisfaction Surveys

Description of the Data Processing and its Purpose

We process your data as a prospect, e.g., via forms on our website, as well as data provided by you as a customer or employee of a customer during contractual measures or contract fulfillment, to determine which of our products and services are of interest to prospects and customers, how these can be improved, and how we can optimize our advertising efforts.

We may also use this to better target prospects with advertising based on the data, e.g., forming audiences. Your information and, if applicable, information from customer satisfaction surveys may be included in this analysis and evaluation.

We may collect the following information and data:

Your company (e.g., size, industry)
Your role within the company
Your country
Your areas of interest or product categories
Your referral source, i.e., how you became aware of us based on the information you provided

Legal Basis for Data Processing

The legal basis for processing your data is Art. 6 para. 1 sentence 1 lit. f GDPR.
Our legitimate interest lies in continuously developing our products and services based on market demands, better understanding the needs and interests of our customers and potential customers, and enabling targeted direct marketing based on that.

Retention Period

We store your data as long as it is necessary to achieve the purposes stated above or until you object to data processing.
After that, we delete your data unless further data processing is permitted or required on the basis of another legal ground (e.g., due to legal retention obligations).

4.6.5. HubSpot Lead and Marketing Platform

Description of the Data Processing and its Purpose

On our websites, we integrate the service “HubSpot” by HubSpot, Inc., 2 Canal Park, Cambridge, MA 02141, USA.

In the European Union (EU) and the European Economic Area (EEA), the service is offered by HubSpot Ireland Limited, 1 Sir John Rogerson’s Quay, Dublin 2, Ireland.

The platform enables us to:

manage lead and customer data,
analyze and evaluate interactions with our websites,
create, analyze and evaluate interactions with our social media presences, including initiating contact and communication via social media,
conduct and analyze email marketing campaigns, and
where applicable, create, enrich and analyze profiles of potential leads,

with the aim of attracting new leads to our products and services, targeting acquired leads and existing customers with personalized marketing, and improving our marketing strategy based on analyses and evaluations — especially in online and email marketing.

Cookies and similar technologies, especially JavaScript, are used in this process to store and read data from your device.
Details about the cookies and technologies used can be found under:

"Accessing and storing information on your device"
"Cookies and similar technologies"

as well as in our cookie policy, which you can view at any time via our Usercentrics Consent Management Platform.

We use HubSpot for managing lead and customer data.

We process personal data that you provide to us via forms or chat on our websites (salutation, first name, last name, contact details such as email address and phone number, and possibly company data), information about which of our products you are interested in, as well as other details you voluntarily provide.
In addition, we use the platform to manage our customer relationships, including the above-mentioned data of your contact persons.

We use HubSpot to analyze and evaluate website visitors.

We monitor and analyze the behavior of website visitors and users on our websites.
In this way, we are able to recognize and count returning visitors using pseudonymized IDs.
We process data to determine whether someone visited our website (e.g., visit source, direct page view, social media pages, redirections from other websites or email marketing or ad campaigns), how long the visit lasted, and how often each page was accessed.

Further Data Processing with HubSpot

We also process additional data related to your interactions and behavior on our website (e.g., filling out forms, downloading documents, playing media, etc.).

We use this data to generate statistics in order to improve the attractiveness of our website, optimize the effectiveness of our marketing measures, and guide our advertising strategy.

We use HubSpot to analyze and evaluate interactions with our social media presences, as well as for initiating contact and managing communications via the social media platform.

We publish posts and, if applicable, newsletters on our social media presences, such as LinkedIn, via HubSpot, and analyze user interactions (e.g., sharing or liking posts, user interaction with newsletters—such as which links were clicked, and to what extent newsletters were read or skimmed). We use this data to generate statistics in order to improve the attractiveness of our social media presences, optimize the effectiveness of our marketing activities, and adjust our advertising strategy.

Communication via Chat Function

We use HubSpot to communicate with you via our website’s chat function and respond to your inquiries.

When responding to your inquiries, we process the personal data you provide (salutation, first name, last name, contact details such as email address and phone number, and, if applicable, information about your company), details about which of our products you are interested in, as well as any other information you voluntarily provide.

Email Marketing & Tracking

We also use HubSpot for the preparation and execution of email marketing campaigns and, where applicable, email tracking.

If you give your explicit consent on our website, we will use your email address to contact you via marketing emails and inform you via direct marketing about relevant products and services, news, events, campaigns, and other offers.

If you also give your explicit consent, we will process data to determine whether you received and opened our marketing emails, what email client software you use, which links you clicked, and how much of the email content you read.
We use this data to generate statistics to improve the effectiveness of our marketing emails and guide our email marketing strategy.

After submitting your email address via a form or chat on our website, we will send you an email asking you to confirm your email address and subscribe to promotional emails.
This double opt-in process ensures that only authorized persons subscribe to our promotional emails.

4.6.5.1. Lead Profiling

We use HubSpot to create, enrich, and evaluate prospect profiles.

The data processed through the platform is compiled into a personalized profile. It may be enriched with additional data from other sources.
We analyze the profile using scoring methods (e.g., lead scoring via ScrewerTech) to draw conclusions about which of our products and services, events, and offers may be relevant to you.
This allows us to determine your customer interest and likelihood of purchasing a product or service.

The following data may be processed:

about you personally (salutation, first name, last name, contact details such as email address and telephone number, and, where applicable, data about your company),
about your usage, interactions, and behavior on our website (e.g., page visits, form submissions, document downloads, media playback, etc.),
about your use of our marketing emails (receipt and opening, email client software used, click behavior, reading time),
about your interactions with our social media presences.

Through this, we optimize our marketing measures and guide our advertising strategy to address you as precisely as possible.

Legal Bases for Data Processing

The legal basis for using the platform to manage leads and customer data is Art. 6 (1)(f) GDPR.
Our legitimate interest lies in managing contact data for potential and existing customers effectively and using the platform's capabilities for further processing activities.

The legal basis for embedding and using the platform to analyze and evaluate interactions on our websites is your consent, provided via our Consent Management Platform "Usercentrics".

The use of cookies and similar technologies is based on § 25 (1) TTDSG.
Subsequent data processing is based on Art. 6 (1)(a) GDPR.

Your consent is voluntary and can be withdrawn at any time with future effect.
To withdraw, click the link "Cookie Settings" at the bottom of our website or access "Usercentrics" again.

The legal basis for analyzing interactions on our social media presences is your consent under Art. 6 (1)(a) GDPR, provided to the social media provider.

Your consent is voluntary and can be withdrawn at any time with future effect.
To learn how to withdraw, please consult the privacy policy of the respective social media provider.
Additionally, you can object to the processing of data specifically concerning you by contacting the responsible contact mentioned above.

Legal bases for communication via social media and responding to messages via social media channels are also your consent under Art. 6 (1)(a) GDPR, and, where applicable, Art. 6 (1)(b) GDPR, insofar as your inquiry is related to the performance of a contract.

Your consent is voluntary and can be withdrawn at any time with future effect.
If you wish to withdraw your consent to data processing in connection with correspondence, contact the responsible contact person mentioned above.

4.6.5.2. Legal Basis for the Processing of Your Data

Legal Basis for Data Processing

The legal basis for processing your data in the context of email marketing and email tracking, including audience analysis and evaluation of the success of our email campaigns, as well as the creation and evaluation of prospect profiles, is your consent, Art. 6(1)(a) GDPR, which is collected separately (e.g., via forms).

If the use of your data for advertising purposes is made in exchange for permanent access to our webinars, whitepapers, guides, checklists, and other templates, the legal basis is Art. 6(1)(b) GDPR.

The use of cookies and similar technologies is also based on § 25(1) TTDSG. The subsequent data processing is based on Art. 6(1)(a) GDPR.

Your consent is voluntary and can be withdrawn at any time with future effect.
To withdraw your consent for email marketing and email tracking, or for creating and evaluating prospect profiles, please contact the responsible contact person listed above.

Recipients

In the course of using the service, the following recipients will receive the data collected via our websites:

HubSpot Ireland Limited, 1 Sir John Rogerson's Quay, Dublin 2, Ireland,
HubSpot, Inc., 2 Canal Park, Cambridge, MA 02141, USA.

Further information about how personal data is handled by the provider of this service can be found at:
👉 https://legal.hubspot.com/de/privacy-policy

Data Processing in Third Countries

The processing of your data when using the service may also take place in countries outside the European Union (EU) and the European Economic Area (EEA), particularly in the USA.

For data transfers to the USA, there is an adequacy decision of the EU Commission pursuant to Art. 45(1) GDPR for companies certified under the EU-U.S. Data Privacy Framework.
You can find more information at:
👉 Data protection adequacy for non-EU countries

HubSpot Inc. is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with adequate data protection standards, as can be reviewed at:
👉 Participant Search (dataprivacyframework.gov)

When transferring your data to other third countries where no adequacy decision exists, there is a risk that local authorities may access your data for security and surveillance purposes without informing you or giving you legal remedies.

To ensure an adequate level of data protection for the transfer of your data to a third country, standard contractual clauses of the European Commission pursuant to Art. 46(2)(c) GDPR are concluded. These require the recipient of the data to process it in accordance with EU data protection standards.

4.6.5.3. Data Retention Period

Unless otherwise stated, we store your data to the extent necessary for the achievement of the stated purposes.
After that, we delete your data unless data processing is permitted based on another legal basis, particularly for the fulfillment of legal retention or documentation obligations (e.g., statutory retention or documentation obligations).

5. Other Data Processing Activities

5.1. Documentation of Compliance with Data Protection

Description of Data Processing and Purpose

If you submit a declaration of consent, we process your personal data regarding the circumstances and time of submission (including signature, email address, telephone or fax number, or IP address) to provide accountability under Art. 5(2) GDPR, demonstrating that you have consented to the data processing.

If you exercise your data subject rights under the GDPR, we also process your personal data for the purpose of providing accountability under Art. 5(2) GDPR, showing that we have complied with the GDPR in handling your request.

Legal Basis for Data Processing

The processing is based on Art. 6(1)(c) GDPR or Art. 6(1)(f) GDPR.
Our legitimate interest lies in documenting compliance with the GDPR to fulfill our accountability obligations.

Recipients

In addition, your personal data may be forwarded to our external company data protection officers in connection with your request, as they support us in ensuring GDPR compliance.

Retention Period

We store your data as long as it is required to fulfill the purposes mentioned.
For submitted consents, we store the data regularly until the end of 3 years after the end of the year in which we last used the data.
Data processed in connection with the exercise of data subject rights is also stored regularly for 3 years after the end of the year in which the request was made.

Afterward, your data is deleted unless further data processing is permitted based on another legal basis or required by law (e.g., legal retention obligations).

5.2. Fulfillment of Other Legal Obligations

Description of the Data Processing and Its Purpose

We process personal data where necessary for the fulfillment of a legal obligation. The scope of the data to be processed is derived from the legal obligation we must comply with.

Legal Basis for Data Processing

The legal basis for processing your data in these cases is Art. 6(1)(c) GDPR in conjunction with the relevant legal provision that imposes such an obligation on us.

This may include, for example, provisions from the German Fiscal Code (AO) (e.g. § 147 AO), the Commercial Code (HGB) (e.g. § 257 HGB), or the Code of Criminal Procedure (StPO).

Recipients

Where necessary, your data will be transmitted to tax advisors, auditors, financial or investigative authorities, legal advisors, experts, or courts.

Data Retention Period

We store your data to the extent necessary to fulfill the stated purpose. The retention period follows the special statutory regulations that require us to retain or store data for up to 10 years, depending on the specific beginning of the retention period as defined in the applicable special legislation.

Afterward, your data will be deleted unless further data processing is permitted based on another legal basis, including retention in other systems.

5.3. Assertion or Defense of Legal Claims

Description of the Data Processing and Its Purpose

We also process your data in individual cases for the purpose and legitimate interest of asserting legal claims, e.g., to enforce demands for payment, contractual claims, or other claims that are relevant in legal disputes.

Furthermore, we process your data in individual cases for the purpose and legitimate interest of defending against legal claims made against us, e.g., in the context of product defect liability claims, provided your data is relevant for a legal dispute.

Legal Basis for Data Processing

The legal basis for processing your data is Art. 6(1)(f) GDPR.

Recipients

Where necessary, your data will be transmitted to tax advisors, auditors, financial or investigative authorities, legal advisors, experts, or courts.

Data Retention Period

We store your data in individual cases to the extent necessary for the purpose stated. After that, your data will be deleted unless further processing is permitted under another legal basis, including retention in other systems (e.g., due to statutory retention obligations).

6. Your Rights

Below you will find information about the data subject rights granted to you by applicable data protection law with respect to the processing of your personal data by the data controller:

You have the right, under Art. 15 GDPR, to request information about the personal data we process about you. In particular, you may request details about:

the purposes of the processing,
the categories of personal data processed,
the recipients or categories of recipients to whom your data has been or will be disclosed,
the planned retention period,
the existence of the right to rectification, deletion, restriction of processing, or objection,
the right to lodge a complaint with a supervisory authority,
the origin of your data (if not collected from you),
the existence of any automated decision-making, including profiling, and if applicable, meaningful information about the logic involved.

You have the right, under Art. 16 GDPR, to demand the immediate correction of incorrect or completion of incomplete personal data we hold about you.

You have the right, under Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing is required:

to exercise the right to freedom of expression and information,
to comply with a legal obligation,
for reasons of public interest,
or for the establishment, exercise, or defense of legal claims.

You have the right, under Art. 18 GDPR, to request restriction of processing of your personal data:

if you contest the accuracy of the data,
if the processing is unlawful but you oppose its erasure,
if we no longer need the data but you require it to assert, exercise or defend legal claims,
or if you have objected to processing under Art. 21 GDPR.

You have the right, under Art. 20 GDPR, to receive your personal data, which you have provided to us, in a structured, commonly used, and machine-readable format and to request that this data be transmitted to another controller.

You have the right, under Art. 77 GDPR, to lodge a complaint with a supervisory authority. Usually, you can contact the supervisory authority of your habitual residence, place of work, or the place of the alleged infringement.

You have the right to withdraw your consent under Art. 7(3) GDPR. This means you may withdraw your previously given consent at any time with effect for the future. Upon withdrawal, we will immediately delete the data concerned, unless further processing is based on a different legal basis that does not require consent. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Right to Object

If your personal data is processed on the basis of legitimate interests under Art. 6(1)(f) GDPR, you have the right, under Art. 21 GDPR, to object to the processing of your personal data if there are reasons arising from your particular situation.

If your personal data is processed for direct marketing purposes, you have the general right to object at any time to the processing of your personal data for such purposes, without needing to provide a specific reason.

Möchten Sie von Ihrem Widerrufs- oder Widerspruchsrecht Gebrauch machen, genügt eineE-Mail an

info@alliance-nuernberg.de

Free trial lesson

Our opening hours

Monday:

4:45 PM to 8:45 PM

Tuesday:

7:00 AM to 8:00 AM and 4:45 PM to 8:30 PM

Wednesday:

4:00 PM to 8:15 PM

Thursday:

7:00 AM to 8:00 AM and 4:45 PM to 8:45 PM

Friday:

1:15 PM to 2:45 PM and 4:45 PM to 7:45 PM

Saturday:

9:45 AM to 12:45 PM

Sunday:

10:45 AM to 1:00 PM

Dream Art Jiu Jitsu Team Willy-Brandt-Platz 4 90402 Nuremberg

Information on ratings

dream art

DATA PROTECTION

OUR GUIDELINES

Privacy Policy

1. Responsible party

2. Contact details of the data protection officer

3. Data processing when operating the website

3.1. Webhosting

3.1.1. Webflow

Description of data processing and purpose

Legal basis for data processing

Recipients

Data processing in third countries

Storage period

3.1.2 Amazon CloudFront (in connection with Webflow)

Description of data processing and purpose

Legal basis for data processing

Recipients

3.3 Data processing in connection with cookies and similar technologies

3.3.1 Access to and storage of information in terminal device

Data processing in third countries

Storage period

3.1.2 Amazon CloudFront (in connection with Webflow)

Description of data processing and purpose

Legal basis for data processing

Storage period

3.3. Data processing in connection with cookies and similar technologies

3.3.1. Access to and storage of information in terminal devices

3.3.2 Cookies and Similar Technologies

3.3.2.2 Kategorie Essenziell

3.3.2.3. Functional Category

3.3.2.4. Statistics Category

3.3.2.5. Marketing Category

3.4 Consent Management via Consent Management Platform Usercentrics

3.5 Google Tag Manager

3.6 Google Analytics

Data Processing in Third Countries

Storage Duration

3.7 Google Advertising Services and Features

Description of Data Processing and Its Purpose

Consent Management Platform "Usercentrics".

Legal Basis for Data Processing

Recipients

Data Processing in Third Countries

Storage Duration

3.8 Microsoft Advertising (Bing Ads)

Recipients

Storage Duration

3.9 Contact Form and General Inquiries via E-mail

Description of Data Processing and Its Purpose

Legal Basis for Data Processing

Recipients

Data Processing in Third Countries

Storage Duration

3.10. Web Forms for Collecting Advertising Data, HubSpot

4. Data Protection Information for Customers and Other Contractual or Business Partners as well as Interested Parties

4.1. Contract Initiation, Execution, Fulfillment and for the Implementation of Pre-contractual Measures (General)

Description of the Data Processing and Its Purpose

Legal Basis for Data Processing

Sources

Recipients

Retention Period

Necessity of Providing Personal Data

4.2. Booking Demo Appointments with Demodesk

Description of the Data Processing and Its Purpose

Legal Basis for Data Processing

Recipients

Retention Period

4.3. Booking Audit Appointments with Microsoft Booking

Description of the Data Processing and Its Purpose

Recipients

Data Processing in Third Countries

Retention Period

4.4. Conducting Product Demonstrations with Storylane

Description of the Data Processing and Its Purpose

Legal Basis for Data Processing

Recipients

Data Processing in Third Countries

Retention Period

4.5. Conducting Webinars with GoTo Webinar

Description of the Data Processing and Its Purpose

3.3. Data processing in connection with cookies and similar technologies

3.3.1. Access to and storage of information in terminal devices