Privacy policy statement

This privacy policy statement details the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online service and of the associated websites, functions and content as well as external online presence. With regard to the terminology used, such as, for example, “processing” or “controller” we make reference to the definitions provided in Article 4 of the General Data Protection Regulation (GDPR).

Controller:

IRES Infrarot Energiesysteme GmbH
E-mail address: info@ires-gmbh.de
Managing director: Tilman Kraus
Imprint

Types of processed data:

Master data (e.g. name, addresses).
Contact details (e.g. e-mail, phone numbers).
Content data (e.g. texts, photos, videos).
Usage data (e.g. websites visited, interest in contents, access time).
Metadata and communication data (e.g. device information, IP addresses).

Categories of data subjects:

Visitors and users of the online service (hereinafter we also refer to data subjects collectively as “users”).

Purpose of the data processing:

Giving access to our online service, its functions and contents.
Answering contact requests and communicating with users.
Safety Measures.
Audience measurement/ marketing

Terminology used:

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is extensive and encompasses virtually all dealings with data.

“Pseudonymisation” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Relevant legal bases:

In accordance with Article 13 of the GDPR, we inform you of the relevant legal bases of our data processing. The following applies whenever the privacy policy statement does not explicitly mention the legal basis: The legal basis for obtaining consent is Article 6  (1) (a) and Article 7 of the GDPR, the legal basis of data processing for performing services and contractually agreed measures as well as for answering inquiries is Article 6 (1) (b) of the GDPR, the legal basis of data processing for complying with our legal obligations is Article 6 (1) (c) of the GDPR, the legal basis of data processing for the purposes of our legitimate interests is Article 6 (1) (f) of the GDPR. In cases where processing is necessary in order to protect the vital interests of the data subject or of another natural person, Article 6 (1) (d) of the GDPR represents the legal basis.

Safety Measures:

In accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.

Said measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the relevant access, input, transmission, safeguarding of availability and separation of the data. Furthermore we have set up procedures which guarantee that data subjects can effectively exert their rights, allow erasure of data and a reaction to any endangerment of the data. Moreover we already consider the protection of personal data in the development and/or selection of hardware and software as well as procedures, in accordance with the principle of data protection with technology engineering and with data-protection-friendly presettings (Article 25 of the GDPR)).

Collaboration with order processors and third parties:

If within our processing we disclose data to other persons and companies (processors or third parties), transmit the same to them or otherwise grant them access to the data, this occurs solely based on legal permission (e.g. when the transmission of data to third parties, such as payment service providers, is necessary to fulfil the contract in accordance with point Article 6 (1) (b) of the GDPR), if you have given your consent, if a legal obligation allows for this or on the basis of our justified interests (e.g. when using contractors, web hosts, etc.).

Insofar as we commission third parties to process data on the basis of a so-called "data processing agreement", this is based on Article 28 of the GDPR.

Transfer to third countries:

Insofar as we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or this takes place as part of the availment of services of third parties or the disclosure or transmission of data to third parties, this only occurs if it takes place to fulfil our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our justified interests. Subject to legal or contractual permission, we only process the data or have the data processed in a third country when the special requirements of article 44 et seq. of the GDPR apply. In other words, the processing takes place, for example, on the basis of special guarantees such as the officially recognised ascertainment of one of the EU compliant data privacy protection levels (e.g. for the USA through the "Privacy Shield") or the observance of officially recognised special contractual obligations (known as "standard contract clauses").

Rights of the data subjects:

In accordance with Article 15 of the GDPR, you have the right to obtain from the controller confirmation as to whether or not personal data concerning yourself are being processed, and, where this is the case, access to the personal data as well as to other information and to obtain copies of the data.
In accordance with Article 16 of the GDPR, you have the right to obtain the completion or rectification of inaccurate personal data concerning yourself.

In accordance with Article 17 of the GDPR, you have the right to obtain the immediate erasure of personal data. As an alternative, in accordance with Article 18 of the GDPR, you have the right to obtain a restriction of processing of your data.

In accordance with Article 20 of the GDPR, you have the right to receive the personal data concerning yourself, which you have provided to us and have the right to obtain the transmission of same to other controllers.

Furthermore, in accordance with Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority.

Right to object:

In accordance with Article 21 of the GDPR you have the right to object to future processing of personal data concerning yourself. This objection can be raised in particular against the processing for direct advertising purposes.

Cookies and the right to object to direct advertising:

“Cookies” are small files stored on users’ computers. Cookies allow various information to be stored inside them. A cookie is primarily used to store the information about a user (or the device on which the cookie is stored) during or after a visit to an online service. Temporary cookies, or "session cookies" or "transient cookies", are cookies that are erased after a user leaves an online service and closes the browser. Such a cookie can be used to store, for example, the contents of a shopping cart in an online shop or a login status. The term "permanent" or "persistent" refers to cookies that remain stored on the device even after the browser has been closed. Thus, e.g. the login status will be saved if users visit the site after several days again. Likewise, such a cookie can be used to store the interests of the users, which are used for audience measurement or marketing purposes. A "third-party cookie" refers to cookies offered by providers other than the person responsible for the online service (otherwise, cookies belonging only to the latter are referred to as "first-party cookies").

We may use temporary and permanent cookies and will explain this in our privacy policy statement.

If users do not want cookies to be stored on their computer, they are asked to disable the corresponding option in their browser's system settings. Saved cookies can be deleted in the system settings of the browser. Disabling cookies can lead to functional restrictions of this online service / website.

A general opposition to the use of the cookies used for the purpose of online marketing can be declared for a variety of services, especially in the case of tracking, on the US site http://www.aboutads.info/choices/ or on the EU site http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be prevented by switching them off in the settings of the browser. Please note that, in this case, you may not have access to all features of this online service.

Erasure of data:

Data processed by us is erased or the processing of this data is restricted in compliance with Articles 17 and 18 of the GDPR. Unless explicitly specified otherwise within this privacy policy statement, the data stored by us is erased as soon as it is no longer necessary for the purpose originally intended and if the erasure would not constitute a violation of statutory duties requiring the retention of such data. If the data is not erased, because it is required for other, legally permissible purposes, the processing thereof will be restricted. i.e. the data is blocked and not processed for other purposes. This applies, for example, to data which must be retained according to commercial or tax law.

In accordance with legal regulations in Germany, data is retained for 10 years in accordance with Articles 147 paragraph 1 AO [German Tax Code], 257 paragraph 1 no. 1 and 4, paragraph 4 HGB [German Commercial Code] (books, records, management reports, accounting documents / receipts, trading books, documents relevant for taxation, etc.) and for 6 years in accordance with Article 257 paragraph 1 no. 2 and 3, paragraph 4 HGB [German Commercial Code] (commercial letters).

In accordance with legal regulations in Austria, the data is retained in particular for 7 years in accordance with Article 132 paragraph 1 BAO (accounting documents, receipts / invoices, accounts, receipts, business papers, statements of income and expenses, etc.), for 22 years if the data is in connection with real estate and documents related to electronically supplied services, telecommunications, broadcasting and television services provided to individuals in EU member states for which the Mini-One-Stop-Shop (MOSS) is used, are retained for 10 years.

Agency services:

We process our customers' data as part of our contractual services, which include conceptual and strategic consulting, campaign planning, software and design development / consulting or maintenance, implementation of campaigns and processes / handling, server administration, data analysis / consulting services and training services.

We process master data (e.g. customer master data, such as names or addresses), contact details (e.g. e-mail, telephone numbers), content data (e.g. texts entered, photographs, videos), contract data (e.g. subject matter of the contract, term), payment data (e.g. bank details, payment history), usage and metadata (e.g. within the frame of the evaluation and performance measurement of marketing measures). We do not process special categories of personal data unless these are part of commissioned processing. Data subjects are our customers, prospects, their customers, users, website visitors or employees, as well as third parties. The purpose of the processing is to provide contractual services, billing and our customer service. The legal basis for processing results from Article 6 (1) (b) of the GDPR (contractual services), Article 6 (1) (f) of the GDPR (analysis, statistics, optimization, safety measures). We process data which are necessary to establish and fulfil the contractual services and point out when their disclosure is necessary. Disclosure to external parties only takes place if it is necessary within the framework of an order / contract. When processing the data provided to us within the scope of an order / contract, we act in accordance with the instructions of the client and the legal requirements for order processing pursuant to Article 28 of the GDPR and process the data for no other purposes than those stipulated in the order / contract.

We erase the data after the expiry of statutory warranty and comparable obligations. The necessity of storing the data is verified every three years; whenever statutory retention (archiving) obligations apply, the data is deleted after their expiry (6 years, in accordance with Article 257 paragraph 1 HGB [German Commercial Code], 10 years in accordance with Article 147 paragraph 1 AO [German Tax Code]). In the case of data disclosed to us within the scope of an order / contract by the client, we erase the data in accordance with the specifications of the order / contract, generally after the completion of the order / contract. 

Contractual services:

We process the data of our contractual partners and prospects as well as other clients, customers or contractual partners (collectively referred to as "contractual partners") in accordance with Article 6 (1) (b) of the GDPR to provide our contractual or pre-contractual services to them. The data processed within this frame, the type, scope and purpose and the necessity of their processing, are determined by the underlying contractual relationship.

The processed data includes the master data of our contractual partners (e.g. names and addresses), contact details (e.g. e-mail addresses and telephone numbers) as well as contract data (e.g. services used, contract contents, contractual communication, names of contact persons) and payment data (e.g. bank details, payment history).

We do not process special categories of personal data, unless they are part of a commissioned or contractual processing.

We process data which are necessary to establish and fulfil the contractual services and point out when their disclosure is necessary, unless this is evident to the contractual partners. Disclosure to external parties or companies only takes place if it is necessary within the framework of a contract. When processing the data provided to us within the frame of an order / contract, we act in accordance with the instructions of the client and applicable legal requirements.
When our online services are used, we may store the IP address and the time of the respective user actions. This data is stored on the basis of our legitimate interests as well as the users' interests in the protection against misuse and other unauthorized use. As a matter of principle, this data will not be passed on to third parties, unless it is necessary to pursue our claims pursuant to Article 6 (1) (f) of the GDPR or there is a legal obligation in accordance with Article 6 (1) (c) of the GDPR.

The data will be erased as soon as it is no longer required for the fulfillment of contractual or statutory duties of care or for the handling of any warranty or comparable obligations, whereby the necessity of storing the data is verified every three years; in all other respects, the statutory retention obligations apply.

Administration, financial accounting, office organisation, contact management:

We process data in the context of administrative tasks and organization of our operations, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the course of the provision of our contractual services. The legal bases for processing the data are Article 6 (1) (c) of the GDPR, Article 6 (1) (f) of the GDPR. The processing affects customers, prospects, business partners and website visitors. The purpose and our interest in the processing are the administration, financial accounting, office organization, archiving of data, thus tasks which serve to maintain our business activities and operations, the fulfilment of our tasks and provision of our services. The erasure of the data used for providing contractual services and related to contractual communication is in line with the policy described for these processing activities.

We disclose or transmit data to the financial administration, consultants, such as tax advisors or auditors, and other billing offices and payment service providers.

Furthermore, based on our business interests, we store information about suppliers, promoters and other business partners, e.g. in order to be able to contact them at a later date. We generally store this mostly company-related data permanently.

Business analyses and market research:

In order to run our business in a profitable manner, to be able to recognize market trends, wishes of contracting parties and users, we analyse the data we have on business transactions, contracts, inquiries, etc. We process master data, communication data, contract data, payment data, usage data, metadata in accordance with Article 6 (1) (f) of the GDPR, whereby the data subjects are represented by contractual partners, prospects, customers, visitors and users of our online service.

The analyses are carried out for the purpose of business analyses, marketing and market research. In our analyses, we may consider the profiles of registered users with information, such as, for example, the services they used in the past. The analyses are useful to us for improving the user-friendliness, optimising our service and increasing cost-efficiency. The analyses are intended for use only and will not be disclosed to third parties unless they are anonymous, aggregated value analyses.

If these analyses or profiles are personal, they will be erased or anonymised upon termination of the users, otherwise after two years from the date of the conclusion of the contract. Incidentally, the overall business and general trend analyses are created anonymously if possible.

Privacy Policy in the Application Process:

We process applicant data only for the purpose and in the context of the application process in accordance with the legal requirements. Applicant data are processed in order to fulfil our (pre-) contractual obligations in the context of the application process within the meaning of Article 6 (1) (b) of the GDPR, Article 6 (1) (f) of the GDPR if the data processing is required for us e.g. in the context of legal proceedings (Article 26 of the BDSG [Federal Data Protection Act] applies in addition to GDPR).

The application process requires applicants to provide us with their applicant data. The mandatory applicant data are marked as such on the online form (if available), otherwise they are indicated in job descriptions and basically include the information on the person, postal address and contact details and application documents, such as a cover letter, a CV and certificates. In addition to this, applicants may voluntarily provide us with additional information.

By submitting the application to us, the candidates give their consent to the processing of their data for the purposes of the application process in accordance with the type and scope of processing set out in this privacy policy statement.

Insofar as special categories of personal data within the meaning of article 9 paragraph 1 of the GDPR are voluntarily communicated in the frame of the application process, their processing is carried out in accordance with Article 9 (2) (b) of the GDRP as well (this applies e.g. to health information such as disabilities or ethnic origins). Insofar as special categories of personal data within the meaning of Article 9 (1) of the GDPR are requested from the applicants, their processing is carried out in accordance with Article 9 (2) (a) of the GDPR (this applies e.g. to health information in cases when it is required for the profession concerned).

If an online form is available on our website, applicants may use it to submit their applications to us. The data will be encrypted and transmitted to us according to the state of the art of the technology.

Furthermore, applicants can send us their applications via e-mail. However, please note that e-mails are generally sent unencrypted and that applicants must ensure their encryption themselves. We therefore assume no responsibility for the security of the application transmission between the sender and the receipt on our server and therefore recommend using an online form or regular mail instead. We want to point out that in addition to possibility of sending the application via the online form and e-mail, applicants still may send us the application via regular mail.

The data provided by the applicants may be further processed by us for employment purposes if the application is successful. Otherwise, if the application for a job offer is not successful, the applicants' data will be erased. Applicants have the right to withdraw their application at any time; in the case of such a withdrawal, applicants' data will be erased as well.

If the withdrawal notified by the applicant is legitimate, the erasure of its data will be carried out after a period of six months, in order to allow us to answer follow-up questions regarding the application and meet our obligations under the Gleichbehandlungsgesetz [German Equal Treatment Act]. Invoices for reimbursements of travel expenses are archived in accordance with applicable tax regulations.

Contact:

When contacting us (for example, via contact form, e-mail, phone or via social media) the information provided by the user is processed in accordance with Article 6 (1) (b) of the GDPR in order to answer the contact request / inquiry. User information can be stored in a Customer Relationship Management system ("CRM system") or similar inquiry organisation tool.

We delete inquiries, as soon as they are no longer required. We check the necessity of retaining data every two years; data is retained as required by legal archiving obligations.

Hosting and e-mailing:

The hosting services we use are designed to provide the following services: infrastructure and platform services, computing capacity, storage and database services, e-mailing, security and technical maintenance services that we use to operate this online service.

Within this frame, we, or our hosting provider, process master data, contact details, content data, contract data, usage data, meta and communication data of customers, prospects and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Article 6 (1) (f) of the GDPR in conjunction with Article 28 of the GDPR (conclusion of a data processing agreement).

Collection of access data and log files:

We, or our hosting provider, collect, on the basis of our legitimate interests within the meaning of Article 6 (1) (f) of the GDPR, data on every access to the server on which this service is located (so-called server log files). The access data includes the name of the retrieved website, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Logfile information is stored for security purposes (for example, to investigate abusive or fraudulent activities) for a maximum of 7 days and then erased. Data whose further retention is required for evidential purposes shall be exempted from the erasure until final clarification of the related incident.

Google Tag Manager:

Google Tag Manager is a solution that allows us to manage so-called website tags via a single interface (and thus to integrate, for example, Google Analytics and other Google marketing services into our online service). The Tag Manager itself (which implements the tags) does not process any personal user data. With regard to the processing of personal user data, reference is made to the following information on Google services. Terms of use: https://www.google.com/intl/de/tagmanager/use-policy.html.

Google Analytics:

On the basis of our legitimate interests (i.e. interest in the analysis, optimization, and cost-efficient operation of our online service within the meaning of Article 6 (1) (f) of the GDPR) we use Google Analytics, a web analytics service provided by Google LLC ("Google"). Google uses cookies. The information generated by the cookie about the use of the online service by the users are usually transmitted to a Google server in the USA and stored there.

Google has certified that it adheres to the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the use of our online service by users, to compile reports on the activities within this online service and to provide us with further services related to the use of this online service and the internet. In doing so, pseudonymous usage profiles of the users can be created from the processed data.

We only use Google Analytics with activated IP anonymisation. This means that, in member states of the European Union or in other contracting states of the Agreement on the European Economic Area, the IP address of the users will be truncated by Google. Only in exceptional cases will the full IP address be sent to a Google server in the USA and truncated there.

The IP address submitted by the user's browser will not be merged or associated with other data available to Google. Users can prevent the storage of cookies by setting their browser software accordingly; users may also prevent the collection by Google of the data generated by the cookie and related to their use of the online service and prevent the processing of such data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

For further information about Google's data usage, setting and opt-out options, please refer to Google's privacy policy statement (https://policies.google.com/technologies/ads) as well as to the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).

Personal user is erased or anonymised after 14 months.

Google Universal Analytics:

We use Google Analytics in its configuration as “Universal Analytics”. “Universal Analytics” refers to a Google Analytics process in which user analysis is carried out based on a pseudonymous user ID, enabling a pseudonymous user profile to be created with information from the use of various devices (so-called “cross-device tracking”).

Target group formation with Google Analytics:

We use Google Analytics to display ads placed by Google and its partners within advertising services only to users who have also shown an interest in our website or who exhibit certain characteristics (e.g. interests in certain topics or products that are determined by the visited websites) that we transmit to Google (so-called “remarketing” or “Google Analytics Audiences”). By using remarketing audiences we also aim to ensure that our ads match the potential interests of users.

Google AdWords and conversion measurement:

Based on our legitimate interests (i.e. interest in the analysis, optimization, and cost-efficient operation of our online service within the meaning of Article 6 (1) (f) of the GDPR) we use services provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).

Google has certified that it adheres to the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

We use Google's online marketing tool "AdWords" to place ads on the Google advertising network (e.g., in search results, in videos, on websites, etc.) so that they are displayed to users who may have an interest in such ads. This allows us to purposefully display ads for and within our online service so as to present the users only with ads that potentially match their interests. The strategy used when a user is shown, for example, ads for products he has been looking for or he has shown interest for on other online services, is called “remarketing”. For this purpose, upon access to our and other websites where the Google Advertising Network is active, Google will immediately execute a Google code and incorporate so-called (re) marketing tags (invisible graphics or code, also known as "Web beacons ") into the website. Thanks to the latter, an individual cookie, i.e. a small file, is saved on the user’s device (instead of cookies, comparable technologies may also be used). This file is used to store websites visited, content viewed and offers / services clicked on, as well as technical information about the browser and operating system, referring websites, visit time and other information on the use of the online service.

Furthermore, we receive an individual "conversion cookie". The information obtained thanks to this cookie is used by Google to generate conversion statistics for us. However, we are only provided with the anonymous total number of users who clicked on our advertisement and were redirected to a conversion tracking tag page. We do not receive information that would allow users to be identified personally.

User data are processed under pseudonyms within the Google advertising network. This means that Google does not store and process the names or e-mail addresses of users, for example, but it processes the relevant data based on cookies within pseudonymous user profiles instead. Consequently, from the perspective of Google, advertisements are not managed and displayed to a specifically identified person, but to the cookie owner, regardless of who that cookie owner is. This does not apply if a user has explicitly allowed Google to process the data without this pseudonymisation. The information collected about users is transmitted to Google and stored on Google's servers in the United States.

For further information about Google's data usage, setting and opt-out options, please refer to Google's privacy policy statement (https://policies.google.com/technologies/ads) as well as to the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).

Google Doubleclick:

Based on our legitimate interests (i.e. interest in the analysis, optimization, and cost-efficient operation of our online service within the meaning of Article 6 (1) (f) of the GDPR) we use services provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).

Google has certified that it adheres to the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

We use Google's online marketing tool "Doubleclick" to place ads on the Google advertising network (e.g., in search results, in videos, on websites, etc.). Double Click has the particularity that advertisements are displayed to the users in real time and in a customised manner based on presumed interests. This allows us to purposefully display ads for and within our online service so as to present the users only with ads that potentially match their interests. The strategy used when a user is shown, for example, ads for products he has been looking for or he has shown interest for on other online services, is called “remarketing”. For this purpose, upon access to our and other websites where the Google Advertising Network is active, Google will immediately execute a Google code and incorporate so-called (re) marketing tags (invisible graphics or code, also known as "Web beacons ") into the website. Thanks to the latter, an individual cookie, i.e. a small file, is saved on the user’s device (instead of cookies, comparable technologies may also be used). This file is used to store websites visited, content viewed and offers / services clicked on, as well as technical information about the browser and operating system, referring websites, visit time and other information on the use of the online service.

The IP address of users is collected but, in member states of the European Union or other contracting states of the Agreement on the European Economic Area, the IP address is truncated and, in exceptional cases only, it is sent to a Google server in the United States and truncated there. Aforementioned information may be associated and merged by Google with other comparable information from other sources. If the user subsequently visits other websites, customised advertisements, determined based on their interest presumed which is in turn based on their user profile, may be displayed to him.

User data are processed under pseudonyms within the Google advertising network. This means that Google does not store and process the names or e-mail addresses of users, for example, but it processes the relevant data based on cookies within pseudonymous user profiles instead. Consequently, from the perspective of Google, advertisements are not managed and displayed to a specifically identified person, but to the cookie owner, regardless of who that cookie owner is. This does not apply if a user has explicitly allowed Google to process the data without this pseudonymisation. The information collected by Google Marketing Services about users is transmitted to Google and stored on Google's servers in the United States.

For further information about Google's data usage, setting and opt-out options, please refer to Google's privacy policy statement (https://policies.google.com/technologies/ads) as well as to the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).

Online presence in social media:

We maintain online presence within social networks and platforms in order to communicate with customers, prospects and users active there and to inform them about our services. When the respective networks and platforms are accessed, the terms and conditions and the data processing guidelines of their respective operators apply.

Unless otherwise stated in our privacy policy statement, we process data of users as long as they communicate with us within social networks and platforms, e.g. write posts on our online profiles or send us messages.

Integration of services and contents of third parties:

Based on our legitimate interests (i.e. interest in the analysis, optimization, and cost-efficient operation of our online service within the meaning of Article 6 (1) (f) of the GDPR) we make use of content or services offered by third-party providers in order to provide their content and services on our website (such content include videos or fonts, for example, and are collectively referred to as "content").

This always presupposes that the third-party providers of this content perceive the IP address of the users, since they could not send the content to their browser without the IP address. The IP address is therefore required for displaying this type of content. We endeavour to use only content whose respective providers use IP addresses solely for delivering the content. Third party providers may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include, but is not limited to, technical information about the browser and operating system, referring web pages, visit time, and other information regarding the use of our online offer. Furthermore, the pseudonymous information may be merged and associated with comparable types of information from other sources.

Youtube:

We incorporate videos of the “YouTube” platform owned by the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy statement: https://www.google.com/policies/privacy/, 
Opt out: https://adssettings.google.com/authenticated.

Google Fonts:

We incorporate fonts (“Google Fonts”) owned by the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy statement: https://www.google.com/policies/privacy/, 
Opt out: https://adssettings.google.com/authenticated.

Google ReCaptcha:

We incorporate the bot detection function (“ReCaptcha”), e.g. for data entries into online forms, owned by the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy statement: ires-gmbh.de/ https://www.google.com/policies/privacy/,
Opt out: https://adssettings.google.com/authenticated.

Google Maps:

We incorporate maps of the “Google Maps” service owned by the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The processed data may include, in particular, IP addresses and location data of users, but they are not collected without their consent (usually, this consent is part of the settings of their mobile devices). The data may be processed in the USA. Privacy policy statement: https://www.google.com/policies/privacy/, 
Opt out: https://adssettings.google.com/authenticated.