Privacy Policy Alpsfloor

With this privacy policy, we would like to inform you about the nature, scope and purpose of the processing of personal data (also referred to as “data” below). Personal data is any data that has a personal connection to you, such as name, address, e-mail address or your user behavior. The privacy policy applies to all data processing operations carried out by us, both as part of our core activities and to the online media provided by us.

Who is responsible for data processing

Responsible for data processing is:

Alpsfloor GmbH
‍Bruno Buozzi 16
39100 Bolzano - Italy
+39 0471 155 1880
info@alpsfloor.com
www.alpsfloor.com/legal-notice

Processing of your data as part of our company's core activity

If you are our customer or business partner or are interested in our services, the type, scope and purpose of the processing of your data depends on the contractual or pre-contractual relationship between us. In this sense, the data processed by us includes all data that is or has been provided by you for the purpose of using the contractual or pre-contractual services and that is required to process your request or the contract concluded between us. Unless otherwise stated in the further information in this privacy policy, the processing of your data and its transfer to third parties is limited to the data that is necessary and appropriate to answer your inquiries and/or to fulfill the contract concluded between you and us, to protect our rights and to fulfill legal obligations. We will inform you which data is required for this before or as part of data collection. Insofar as we use third-party providers to provide our services, the privacy policies of the respective third-party providers apply.

Affected data:

  • Inventory data (e.g. names, addresses)
  • Payment data (e.g. bank details, invoices)
  • contact details (e.g. email address, telephone number, postal address)
  • Contract data (e.g. subject matter of contract, contract duration)

Affected persons: Interested parties, business and contract partners

Processing purpose: Processing of contractual services, communication and answering contact requests, office and organizational procedures

legal basis: Contract performance and pre-contractual inquiries, Art. 6 para. 1 lit. b GDPR, legal obligation, Art. 6 para. 1 lit. c GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR

Your rights under the GDPR

According to the GDPR, you have the following rights, which you can assert at any time from the person responsible named in Section 1 of this Privacy Policy:

  • Right to information: You have the right to request information from us as to whether and which data we process from you.
  • Right to rectification: You have the right to request that incorrect or incomplete data be corrected.
  • Right to delete: You have the right to request that your data be deleted.
  • Right to restriction: In certain cases, you have the right to request that we only process your data to a limited extent.
  • Right to data portability: You have the right to request that we transfer your data to you or another person responsible in a structured, common and machine-readable format.
  • Right to lodge a complaint: You have the right to complain to a supervisory authority. The supervisory authority of your usual place of residence, your place of work or our company headquarters is responsible.

Right of Withdrawal

You have the right to withdraw your consent to data processing at any time.

Right to object

You have the right to object at any time to the processing of your data, which we base on our legitimate interest in accordance with Article 6 (1) (f) GDPR. If you exercise your right to object, please explain the reasons. We will then no longer process your personal data unless we can prove to you that compelling legitimate reasons for data processing outweigh your interests and rights.

Irrespective of the above, you have the right to object at any time to the processing of your personal data for advertising and data analysis purposes.

Please send your objection to the contact address of the person responsible given above.

When do we delete your data?

We delete your data when we no longer need it or when you tell us to do so. This means that - unless otherwise stated in the individual data protection notices in this privacy policy - we delete your data

  • when the purpose of data processing has ceased to exist and the respective legal basis stated in the individual data protection notices therefore no longer exists, e.g.
    • after termination of the contractual or membership relationships between us (Art. 6 para. 1 lit. a GDPR) or
    • following the cessation of our legitimate interest in further processing or storage of your data (Art. 6 para. 1 lit. f DSGVO),
  • if you exercise your right of withdrawal and no other legal legal basis for processing within the meaning of Art. 6 para. 1 lit. b-f GDPR applies,
  • if you exercise your right of objection and there are no compelling legitimate reasons to prevent the deletion.

However, if we still need to keep (certain parts of) your data for other purposes, for example because this requires tax retention periods (usually 6 years for business correspondence or 10 years for accounting receipts) or the assertion, exercise or defense of legal claims arising from contractual relationships (up to four years) or the data is needed to protect the rights of another natural or legal person, we will delete (the part of) your (r) Data only after these deadlines have expired. However, until these deadlines have expired, we will restrict the processing of this data to these purposes (fulfillment of storage obligations).

Cookies

Our website uses cookies. Cookies are small text files consisting of a sequence of numbers and letters that are stored on the device you use. Their main purpose is to exchange information between your device and our website. This includes, for example, language settings, login status, or the point at which a video was watched.

When you visit our website, two types of cookies are used:

Temporary cookies (session cookies):
These store a so-called session ID, which allows various requests from your browser to be assigned to a single session. Session cookies are deleted when you log out or close your browser.

Permanent cookies:
Permanent cookies remain stored even after the browser is closed. This allows our website to recognize your device when you return. For example, information such as language settings or login details may be stored in these cookies. They can also record your browsing behavior. Such data may be used for statistical, marketing, or personalization purposes.

In addition to this classification, cookies can also be distinguished by their purpose:

Necessary cookies:
These are essential for the operation of our website, for example, to maintain login sessions or shopping carts, or for security purposes.

Statistics, marketing, and personalization cookies:
These cookies are used for analytics or reach measurement. “Tracking” cookies can store information such as search terms entered or frequency of page visits. They can also record an individual user’s browsing behavior (e.g., viewing specific content, using functions, etc.) in a user profile. Such profiles are used to display content tailored to users’ potential interests.
Whenever we use services that store cookies on your device for statistical, marketing, or personalization purposes, we will inform you separately in the corresponding sections of this privacy policy or when obtaining your consent.

Data processed:

  • Usage data (e.g., access times, pages visited)
  • Communication data (e.g., device information, IP address)

Data subjects:
Users of our online services

Purpose of processing:
Displaying our web pages, ensuring website functionality, improving our online offering, communication, and marketing

Legal basis:

Legitimate interest, Art. 6(1)(f) GDPR
If we do not obtain your consent to set cookies, we base the processing of your data on our legitimate interest in improving the quality and user-friendliness of our website—particularly its content and functions.
You can object to the use of cookies set under our legitimate interest through your browser’s security settings. There, you can choose whether to accept no cookies at all, only on request, or to automatically delete cookies when the browser is closed.
If cookies are deactivated for our website, some functions may no longer work fully.

Consent, Art. 6(1)(a) GDPR
If, before visiting our website, we ask for your consent to set specific cookies on your device and you agree, your consent serves as the legal basis for processing.
Within the consent process, we will inform you which cookies are set in detail.
If you do not grant consent, only technically necessary cookies will be set—those required for the website to function properly and display correctly in your browser.
If you have consented to the use of cookies, you may revoke your consent at any time.

_cf_bm Cookie

Our website uses the _cf_bm cookie provided by Cloudflare, our content delivery network (CDN).
This cookie helps detect and prevent automated traffic to protect our website from so-called “bad bots.” It is a technically necessary cookie that supports Cloudflare’s security and bot management functions.

The _cf_bm cookie contains encrypted information that only Cloudflare can decrypt, as well as time-based data used to calculate a bot score and detect anomalies if necessary.
It does not store personal data and is essential for our website’s operation. The cookie is not used to track users across websites or sessions and automatically expires after 30 minutes of inactivity.

For more information about Cloudflare’s processing, please refer to the Cloudflare Privacy Policy.

Web hosting

To maintain our websites, we use a provider on whose server our websites are stored and made available for retrieval on the Internet (hosting). In doing so, the provider can process all data transmitted via the browser you use that is generated when using our Internet pages. This includes in particular your IP address, which the provider requires in order to be able to deliver our online offer to the browser you are using, as well as any entries you have made via our website. In addition, the provider we use can

  • the date and time of access to our website
  • Time zone difference to Greenwich Mean Time (GMT)
  • Access status (HTTP status)
  • the amount of data transferred
  • the Internet service provider of the accessing system
  • The type of browser you are using and its version
  • the operating system you are using
  • The website from which you may have reached our website
  • the pages or sub-pages that you visit on our website.

Raise. The above data is stored as log files on our provider's servers. This is necessary to ensure the stability and security of the operation of our website.

Affected data:

  • Content data (e.g. posts, photos, videos)
  • usage data (e.g. access times, websites clicked on)
  • communication data (e.g. information about the device used, IP address)

Affected persons: users of our website

Processing purpose: Play our Internet pages, ensure the operation of our Internet pages

legal basis: Legitimate interest, Art. 6 para. 1 lit. f DSGVO

Web host (s) commissioned by us:

Webflow Inc.

Service provider: Webflow Inc.
Website: 208 Utah, Suite 210, San Francisco, CA 94103, USA
Privacy statement: https://webflow.com

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.


Our website is hosted by Webflow. The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter “Webflow”).
When you visit our website, Webflow collects various log files, including IP addresses, which are anonymized.

Webflow is a tool used for building and hosting websites. Webflow stores cookies or other recognition technologies that are necessary for the display of the site, the provision of specific functions, and ensuring website security (necessary cookies).

For more details, please refer to Webflow’s Privacy Policy: https://webflow.com/legal/eu-privacy-policy

The use of Webflow is based on Art. 6(1)(f) GDPR. We have a legitimate interest in ensuring the most reliable presentation of our website possible.
Where consent has been requested, processing takes place exclusively on the basis of Art. 6(1)(a) GDPR and §25(1) TTDSG, insofar as consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined by the TTDSG. Consent can be withdrawn at any time.

For data transfers to the United States, the provider participates in the EU-US Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision by the European Commission.

Data processing agreement: We have concluded a data processing agreement (DPA) with the above-mentioned provider. This contract, required under data protection law, ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Content delivery network

We use a content delivery network (CDN) to display our websites. A CDN is a network of regionally distributed servers connected via the Internet. Scaling storage and delivery capacities are made available via the CDN. This optimizes the loading times of our websites and ensures optimal data throughput even during heavy load peaks. User inquiries on our websites are routed via CDN servers. Statistics are created from these data streams. On the one hand, this serves to identify potential threats to our websites due to malware at an early stage and, on the other hand, to constantly improve our offering and make our websites more user-friendly for you as a user.

We would like to point out that, depending on the country of residence of the service provider mentioned below, the data collected via the service may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be met and that the enforcement of your rights will not be possible or may only be difficult.

Affected data:

  • Content data (e.g. posts, photos, videos)
  • usage data (e.g. access times, websites clicked on)
  • communication data (e.g. information about the device used, IP address)

Processing purpose: Technical optimization of the website, analysis of errors and user behavior

legal basis: Legitimate interest, Art. 6 para. 1 lit. f DSGVO

CDN service providers used:

Amazon CloudFront

Service provider: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA
Internet site: https://aws.amazon.com/de/
Privacy statement: https://aws.amazon.com/de/privacy/?nc1=f_pr

Fastly

Service provider: Fastly Inc., 475 Brannan St. #300, San Francisco, CA 94107, USA

Internet site: https://www.fastly.com

Privacy statement: https://www.fastly.com/de/privacy

Contacting

If you contact us via e-mail, social media, telephone, fax, post, our contact form or otherwise and provide us with personal data such as your name, telephone number or email address or provide further information about yourself or your request, we process this data to answer your request as part of the pre-contractual or contractual relationship existing between us.

Affected data:

  • Inventory data (e.g. names, addresses)
  • contact details (e.g. email address, telephone number, postal address)
  • Content data (texts, photos, videos)
  • Contract data (e.g. subject matter of contract, contract duration)

Affected persons: Interested parties, customers, business and contract partners

Processing purpose: Communication and response to contact requests, office and organizational procedures

legal basis: Contract performance and pre-contractual inquiries, Art. 6 para. 1 lit. b DSGVO, legitimate interest, Art. 6 para. 1 lit. f GDPR

Information about the third party provider we use:

Handling your data during the application process

If you apply to us, we process the personal data you provide to us during the application process, such as your name, address, place of residence, age, application photo, e-mail and telephone number, professional career including schools, education, studies. If you send the data by e-mail or via a contact form on our online presence, the processing is carried out electronically. When you send your application via the contact form, the transmission of your data is encrypted using the state of the art. If you send your data by email, we would like to point out that the transfer is usually unencrypted. If an employment contract is concluded following the application process, we will store your data for the purpose of processing the employment relationship in compliance with legal requirements.

Affected data:

  • Inventory data (e.g. names, addresses)
  • Payment data (e.g. bank details, invoices)
  • contact details (e.g. email address, telephone number, postal address)
  • Contract data (e.g. subject matter of contract, contract duration)

Affected persons: Applicants

Processing purpose: Handling the application process

legal basis: Contract performance and pre-contractual inquiries, Art. 6 para. 1 lit. b GDPR, legal obligation, Art. 6 para. 1 lit. c GDPR

Deletion: If an employment contract is not concluded, your data will be deleted after completion of the application process or no later than 2 months after its conclusion. This does not apply if legal provisions prevent deletion or if further storage of your data is necessary for the purpose of providing evidence, for example in proceedings under the General Equal Treatment Act (AGG). The application process is considered complete when the rejection is sent to you.

Online advertising

We use services to display Internet advertising. The services we use collect certain user data through a cookie or pixel. In particular, this includes information from which website you came to our website (so-called referrer), which pages of our website you accessed, how long you visited our pages and what interactions you made there. In addition, data is collected about the browser, computer system and type of device you use. In addition, demographic information, such as age or gender, can also be collected as pseudonymous values via such a service. If you have consented to the collection of your location data, depending on the provider, this may also be processed. In order to collect and store this data, the respective service places a cookie or a so-called tracking pixel on the device you are using, which is also used to collect the IP address associated with you. However, this is abbreviated using a so-called IP masking process so that the IP address can no longer be assigned to your visit to our website. In principle, no clear data such as names or email addresses is stored when using the respective service. This is only the case if you are a member of a social network that offers one of the services listed below and combines your profile with the aforementioned data material.

The data is evaluated by the service we use in order to produce a report with statistical statements about the number of visitors generated through advertising and the success of the advertising campaign. The reports include the total number of users who were redirected to our website via our ads. In addition, the reports include information about the users' devices and browsers, where the users were located, at what times the ad was clicked. However, the reports do not contain any information that would personally identify you as a user of our site.

We would like to point out that, depending on the location of the service provider, the data collected via the service may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be met and that the enforcement of your rights will not be possible or may only be difficult.

Affected data:

  • usage data (e.g. access times, websites clicked on)
  • communication data (e.g. information about the device used, IP address)

Affected persons: Users of our online offerings

Processing purpose: Reach measurement, campaign success monitoring, remarketing and interest-based and behavioural marketing

legal basis: If we have asked you for your consent before using the respective service, this is the legal basis, Art. 6 para. 1 lit. a GDPR. In addition, we use the respective service based on our legitimate interest in directing visitor flows to our website, analyzing these visitor flows in order to be able to continuously improve the functions, offers and user experience, Art. 6 para. 1 lit. f DSGVO.

We use the following service providers for online advertising:

Bing Ads
Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Office in Germany: Microsoft Deutschland GmbH, Walter-Gropius-Straße 5, 80807 Munich
Website: https://ads.microsoft.com/
Privacy policy: https://privacy.microsoft.com/en-us/privacystatement

Facebook Pixel
Service provider: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
European headquarters: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Website: https://www.facebook.com
Privacy policy: https://www.facebook.com/about/privacy
Opt-out option: https://www.facebook.com/settings?tab=ads

We also use the “Advanced Matching” feature, which transmits your personal data to Facebook in encrypted form.
Additionally, we use the “Custom Audiences from File” feature, where your email address (for example, as a newsletter subscriber) is uploaded to Facebook in encrypted form.
This allows us to identify the recipients of our Facebook ads and ensure that the ads are shown only to potentially interested users.

Google AdSense
Service provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
European headquarters: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://www.google.com/intl/en/adsense/start/
Privacy policy: https://policies.google.com/privacy

Google Ads
Service provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
European headquarters: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://ads.google.com/home/
Privacy policy: https://policies.google.com/privacy

Newsletter

We regularly send newsletters to inform our customers, business partners, and interested parties about our offers and related updates.
You can subscribe to our newsletter via our website and consent to its receipt during the registration process.

When you register for the newsletter, providing your email address is mandatory. We store it solely to send you the newsletter.
Providing additional data such as your name or title is optional and helps personalize communication.

After registration, you will receive a confirmation email to the address you provided (double opt-in procedure).
This email contains a confirmation link—by clicking it, you confirm your wish to receive the newsletter.
This ensures that your email address was not misused by third parties.
For the same purpose, we log the date, time, and IP address associated with the registration.
We do not share this data with third parties.

Analysis of user behavior

If you have given your consent, we analyze your interaction with our newsletters.
Our newsletters contain tracking pixels and tracking links that allow us to determine whether and when the newsletter was opened and which links were clicked.

Purpose: To statistically evaluate the success or failure of our newsletter.
Legal basis: Consent, Art. 6(1)(a) GDPR.
Withdrawal: You can withdraw your consent to receive the newsletter at any time using the options below.
Deletion: Your data will be deleted after your withdrawal.

Data processed:

  • Content data (e.g., text, photos, videos)
  • Usage data (e.g., access times, clicked pages)
  • Communication data (e.g., device information, IP address)

Data subjects: Users of our website
Purpose of processing: Sending newsletters, analyzing engagement, improving communication
Legal basis: Consent, Art. 6(1)(a) GDPR; legitimate interest, Art. 6(1)(f) GDPR

Deletion: The email address will be deleted if you do not confirm the subscription within one month after receiving the confirmation email (double opt-in) or immediately after unsubscribing.

Withdrawal: You can withdraw your consent and unsubscribe from the newsletter at any time by clicking the unsubscribe link provided in each email.

Advertising by email, mail, or phone

For our promotional communication via email, mail, or phone, we process personal data.
You may object to receiving such communications or withdraw your consent at any time.

To prove that your consent was originally granted, we may retain your data for up to four years after objection or withdrawal.
Your data will not be used for any other purpose thereafter.
If you wish your data to be deleted earlier, we will do so once you confirm that consent had been given previously.

Data processed:

  • Contact details (e.g., email, phone number, postal address)
  • Basic data (e.g., name, address)

Data subjects: Communication partners
Purpose of processing: Direct marketing via email, mail, or phone
Legal basis: Consent, Art. 6(1)(a) GDPR; legitimate interest, Art. 6(1)(f) GDPR

Web analysis and statistics

We use web analysis services to record and statistically evaluate visitor flows on our website. Among other things, such services collect data about which website you came to our website from (so-called referrers), which pages of our website you accessed, how long you visited our pages and what interactions you made there. In addition, data is collected about the browser, computer system and type of device you use. In addition, demographic information, such as age or gender, can also be collected as pseudonymous values via such a service. If you have consented to the collection of your location data, depending on the provider, this may also be processed.

In order to collect and store this data, the web analysis service we use usually places a cookie on the device you are using, which is also used to collect the IP address associated with you. However, this is abbreviated using a so-called IP masking process so that the IP address can no longer be assigned to your visit to our website. Otherwise, no clear data such as names or email addresses is stored. Neither we nor the service we use know the identity of visitors to our websites.

We would like to point out that, depending on the country of residence of the service provider mentioned below, the data collected via the service may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be met and that the enforcement of your rights will not be possible or may only be difficult.

Affected data:

  • usage data (e.g. access times, websites clicked on)
  • communication data (e.g. information about the device used, IP address).

Affected persons: Users of our online offerings

Processing purpose: Reach measurement, campaign success monitoring, remarketing and interest-based and behavioural marketing

legal basis: If we have asked you for your consent before using the respective service, this is the legal basis, Art. 6 para. 1 lit. a GDPR. In addition, we use the respective service on the basis of our legitimate interest in analyzing the flow of visitors to our websites in order to be able to continuously improve the functions, offers and user experience, Art. 6 para. 1 lit. f DSGVO.

We use the following web analysis services:

Google Analytics

Service provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Headquarters within the EU: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
Internet site: https://marketingplatform.google.com/intl/de/about/analytics/
Privacy statement: https://policies.google.com/privacy?hl=de


Opt-out option: If you do not want your data to be used by Google Analytics, you can set a so-called opt-out plugin, which will prevent data from being collected from you on our website in the future. You can get this plugin here: https://tools.google.com/dlpage/gaoptout?hl=de

Our online presence on social networks

We operate online presences within the social networks listed below. If you visit one of these sites, the data listed in more detail below will be collected and processed by the respective provider. As a rule, this data is collected for advertising and market research purposes and user profiles are thus created. Data can be stored in user profiles regardless of the device you are using. This is particularly the case if you are a member of the respective platform and logged in to it. The user profiles can be used by providers to display interest-based advertising to you. You have a right of withdrawal against the creation of user profiles. To exercise this, you must contact the respective provider.

If you have an account with one of the providers listed below and are logged in there when you visit our website, the respective provider can collect data about your usage behavior on our website. To prevent such linking of your data, you can log out of the provider's service before visiting our site.

For what purpose and to what extent data is collected by the provider, you can find out in the respective data protection declarations of the providers provided below.

We would like to point out that, depending on the country of residence of the provider mentioned below, the data collected via their platform may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be met and that the enforcement of your rights will not be possible or may only be difficult.

Affected data:

  • Inventory and contact data (e.g. name, address, telephone number, email address)
  • Content data (e.g. posts, photos, videos)
  • usage data (e.g. access times, websites clicked on)
  • communication data (e.g. information about the device used, IP address).

Processing purpose: Communication and marketing, tracking and analysis of user behavior

legal basis: Consent, Art. 6 para. 1 lit. a DSGVO, legitimate interests Art. 6 para. 1 lit. f GDPR

Objection options: For the respective options for objection (opt-out), we refer to the information provided by the providers linked below.

We maintain online presences on the following social networks:

Facebook

Service provider: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
Headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Internet site: https://www.facebook.com/
Privacy statement: https://www.facebook.com/about/privacy/
Privacy policy for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data

Instagram

Service provider: Instagram Inc., 1601 Willow Road, Menlo Park CA 94025, USA
Parent company: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
Headquarters in the EU: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Internet site: https://www.instagram.com/
Privacy statement: http://instagram.com/about/legal/privacy

Messenger services

We communicate via messenger services. Messenger services are chat programs that can be used to send text messages, as well as image or video files, between users in real time over the Internet. In addition, messenger services can also be used to send emoticons, electronic greeting cards, and contacts. In order for messages to be transmitted, subscribers must be connected to each other directly or via a server using a computer program (called a client) via a network such as the Internet. As a rule, messages can also be sent when the interlocutor is not online - the message is then cached by the service server and delivered to the recipient later when the recipient can be reached again. Finally, these services can also be used for screen sharing and online games.

If the service uses end-to-end encryption for the content sent (texts, attachments), only the selected communication partners, but not third parties or the service provider itself, can view the message. We therefore recommend that you install updates to the service regularly to ensure that the content is encrypted. However, the service provider has the option to access communication metadata. This includes the time and (depending on your settings) location of communication as well as the device you are using.

We would like to point out that, depending on the country of residence of the provider mentioned below, the data collected via their platform may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be met and that the enforcement of your rights will not be possible or may only be difficult.

Affected data:

  • Inventory and contact data (e.g. name, telephone number, email address)
  • Content data (e.g. posts, photos, videos)
  • usage data (e.g. access times, websites clicked on)
  • communication data (e.g. information about the device used, IP address).

Processing purpose: Communications and marketing

Legal basis: If we have asked you for your consent before using the respective service, this is the legal basis, Art. 6 para. 1 lit. a GDPR. In this respect, we make it clear that we will not transfer your contact details to the service provider for the first time without your consent. If we communicate with you via one of the following services as part of a contract initiation or as part of an existing contractual relationship, the legal basis is the fulfilment or preparation of the contract, Art. 6 para. 1 lit. b GDPR. In addition, we rely on our legitimate interests in fast and efficient communication and meeting the needs of our communication partners in communicating the following services, Art. 6 para. 1 lit. f DSGVO.

Objection options: You can withdraw the consent you have given us to use the service listed below at any time. You can also object to communication via the messenger service at any time.

We use the following messenger services:

Whatsapp

Service provider: WhatsApp Inc. 1601 Willow Road Menlo Park, California 94025, USA
Headquarters in the EU: Whatsapp Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Parent company: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
Internet site: https://www.whatsapp.com/
Privacy statement: https://www.whatsapp.com/legal/privacy-policy-eea

Online Meetings, Video Conferences, and Screen Sharing

We use third-party services to enable online meetings, video and/or audio conferences, as well as online seminars with employees, clients, and prospects.
When you communicate with us via such a service, the data collected during this communication is processed both by us and by the respective third-party provider.

Data that may be generated during such communication includes your registration and contact details, chat messages, video and audio contributions, and shared screen content.
The data processed by the third-party provider primarily includes user data and metadata (e.g., IP address, computer system information).

In general, third-party providers process this data to verify and ensure the security of their service. They may also use the data to optimize their services and for marketing purposes.
Please refer to the privacy policies of the respective providers for further details.

Please note that, depending on the provider’s country of operation, the data collected via these services may be transferred and processed outside the European Union. In such cases, there is a risk that the level of data protection required by the GDPR may not be maintained and that your rights may be limited or more difficult to enforce.

Data processed:

  • Basic data (e.g., name, address)
  • Contact details (e.g., email address, phone number)
  • Shared content (e.g., photos, videos, text, audio recordings)
  • User data (e.g., access times, visited pages, content interests)
  • Metadata and communication data (e.g., IP address, computer system information)

Data subjects: prospects, clients, communication partners
Purpose of processing: managing contact requests, internal and external communication, fulfilling contractual obligations, service provision
Legal basis:

  • Consent (Art. 6(1)(a) GDPR)
  • Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)
  • Legitimate interest (Art. 6(1)(f) GDPR)

Services We Use

Google Meet
Services offered: video conferencing, chat, instant messaging
Provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
Parent company: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Website: https://gsuite.google.com/intl/en/
Privacy policy: https://policies.google.com/privacy?hl=en

Microsoft Teams
Services offered: video conferencing, chat, voice conferencing
Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Website: https://www.microsoft.com/en-us/microsoft-365/microsoft-teams/group-chat-software
Privacy policy: https://privacy.microsoft.com/en-us/privacystatement

Zoom
Services offered: video conferencing, voice conferencing, chat
Provider: Zoom Video Communications, Inc., 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA
Website: https://zoom.us/en/meetings.html
Privacy policy: https://zoom.us/en/privacy.html

Content services

We use certain services to be able to display certain content or graphics (videos, images, music, fonts, maps) via our website. The services we use process the IP address assigned to you at the time of your visit to our website, as this is the only way to display the respective content in the browser you are using. In addition, the providers of these services may set other cookies on your device, which collect information about your usage behavior, your interests, the device and browser you use, and the time and duration of your session. The providers regularly use this data for analysis, statistics and marketing purposes. In addition, this information can also be combined with information from other sources. This is especially true if you yourself have an account with the service provider and are logged in there at the time of the session.

We would like to point out that, depending on the country of residence of the service provider named below, the data specified in more detail below may be transferred and processed on servers outside the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be met and that the enforcement of your rights will not be possible or may only be difficult.

Affected data:

  • usage data (e.g. access times, websites clicked on)
  • communication data (e.g. information about the device used, IP address)

Affected persons: users of our website

Processing purpose: Playing our websites, offering content, ensuring the operation of our websites

legal basis: Consent via cookie consent banners, Art. 6 para. 1 lit. a GDPR, legitimate interests, Art. 6 para. 1 lit. f GDPR

We use the following content services:

Google Maps

We use Google Maps on our website. Here, Google collects and processes the visitor's IP address. When you visit a website that includes Google Maps, regardless of whether you actually use Google Maps or you are logged into your Google account, your IP address and location data (the latter usually not without your consent) are transmitted to Google. Your IP address is assigned to your Google account if you are logged in there when you visit our website.

Service provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Headquarters in the EU: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Internet site: https://www.google.de/maps
Privacy statement: https://policies.google.com/privacy


Opt-out option: https://tools.google.com/dlpage/gaoptout?hl=de

Safety measures

We also take state of the art technical and organizational security measures to comply with the provisions of data protection laws and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties.

Updates and Changes to This Privacy Policy

This privacy policy is currently valid and was last updated in September 2025.
Due to changes in legal requirements or regulatory directives, it may become necessary to amend this privacy policy.

This privacy policy was created with the help of the privacy policy generator provided by SOS Recht, a service offered by Mueller.legal Rechtsanwälte Partnerschaft, based in Berlin.