Welcome to the website of fischer international (hereinafter “we” or “fischer”). We pleased that you are interested in our company and our products and services.
The protection of your privacy as a user of our website is of utmost importance to us, and we comply with the data protection legislation laws and regulations applicable to us.
Being the controller, we have implemented numerous technical and organizational measures to ensure the best possible protection of the personal data processed via this website.
However, any transmission via the Internet may have security gaps and absolute protection cannot be guaranteed. Data subjects therefore also have the option to submit personal data to us by alternative methods, such as by post.
1. Controller and data protection officer
The controller within the meaning of data protection laws and regulations is:
fischerwerke GmbH & Co. KG
Tel.: (+49) 7443 12-0
Registry Court Stuttgart HRA 440255
VAT ID no.: DE 144252337
To view our legal notice, visit: https://www.fischer-international.com/en/legal-notes/imprint
Please feel free to contact us for any questions or suggestions you may have regarding data protection. The contact information of our data protection officer is:
2. Purpose and principles of data protection
The purpose of data protection is the protection of individuals with regard to the processing of personal data. Personal data means any information relating to an identified or identifiable natural person (“data subject”). Personal data includes, for example, information such as a person’s name, postal address, e-mail address or telephone number, but also information that necessarily is generated during the use of our website, such as information about the start, end and extent of use of our website and the transmission of your IP address.
We comply with the applicable data protection laws and regulations in processing personal data. This means that your data will only be processed by us if you have provided your consent or if we are permitted by law to do so, e.g. if the processing of data is necessary to provide our contractual services (e.g. Order processing), or required by law, or based on our legitimate interests within the meaning of Art. 6 (1) f) GDPR (e.g. our interest in analysing, optimising and ensuring the secure operation of our website).
We take organisational, contractual and technical security measures based on the state of the art to ensure that data protection laws and regulations are complied with and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or access by unauthorised parties.
3. Data processing when accessing our website
Our website can generally be accessed without registering and providing personal information. However, even if you use our website without registering and providing personal information for informational purposes, personal data may automatically be collected and processed. Below is an overview of the type, scope, purposes and legal basis of data processing via our website.
3.1 Provision of our website
When you access our website from your terminal device, the following data is automatically collected and processed in the server log files:
- Date and time of access
- Duration of visit
- Type of terminal device
- Operating system used
- Functions used
- Volume of transmitted data
- Type of event
- Referrer URL
- Domain name
- IP address
This data is processed on the basis of our legitimate interests within the meaning of Art. 6 (1) lit. f) GDPR, namely to provide and display our website, to ensure and maintain its technical operation, to identify and eliminate malfunctions and for security reasons (e.g. to investigate cases of misuse or fraud). This data is automatically processed when you visit our website. You cannot use our website without this information being provided. We do not use the collected data for the purpose of drawing conclusions about your identity.
The data collected are usually deleted after 28 days unless required for a longer period of time for the above purposes under special circumstances. In this case, your data will be deleted immediately after the purpose for which they were collected ceases to exist.
3.2 Display technologies
This website uses so-called web fonts for uniform presentation of fonts. Third-party fonts
– Google Fonts – are used for this purpose. Google Fonts is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). These web fonts are integrated via a Google server, which usually is located in the USA. When you call up a website, your browser loads the required web fonts in your browser cache to display texts and fonts correctly.
This website also uses Ajax and jQuery technologies for optimised page load. To this end, program libraries are retrieved from Google servers. We use the CDN (content delivery network) of Google. If you have previously used jQuery from Google CDN on another website, your browser relies on the cached copy. If this is not the case, a download is required, whereby data from your browser are transmitted to Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
The browser you use must connect to Google servers for this purpose. This enables Google to learn that our website was accessed from your IP address. Google display technologies are used to ensure the uniform, appealing and error-free presentation of our website. This qualifies as legitimate interest within the meaning of Art. 6 (1) f) GDPR.
If your browser does not support these technologies, your computer will use a standard font. For more information on Google display technologies visit: www.google.com/fonts#AboutPlace:about.
Some cookies are used because they are essential for the proper functioning of our website and its features (“necessary” cookies). These cookies are set automatically when you call up our website or a specific function, unless you have prevented cookies from being set by making the appropriate settings in your browser. In contrast, cookies that are not absolutely indispensable (e.g. statistical cookies) are set, for example, to improve the comfort and performance of our website or to save certain settings made by you. Such cookies are also used by us to collect information about the frequency of use of certain parts of our website to enable us to tailor them more specifically to your needs in the future.
Most cookies are only required for the duration of your current visit to our website/your session and are deleted or expire as soon as you leave our website or when your current session expires (“session cookies”). Cookies are only occasionally stored for a longer period of time, for example to recognise you when you return to our website at a later time and to be able to call up stored settings (“persistent cookies”).
This enables you, for example, to access our website more quickly or conveniently or to avoid having to re-enter certain settings. Persistent cookies are automatically deleted after a predefined period of time – which may differ depending on the type of cookie and its function – when you go to the page or domain from which the cookie was set.
To facilitate your management of cookies on our website, we have implemented the extended cookie notice banner Cookiebot from Cybot A/S, Havnegade 39, DK-1058 Copenhagen, Denmark (“Cookiebot”). The cookies required for the functioning of the Internet pages and the services offered are preset. Data processing for this purpose is based on the protection of our legitimate interests pursuant to Art. 6 (1) lit. f) GDPR. Our legitimate interests lie in the provision and maintenance of our online services. For more details, see sections 3.4–3.10. below.
By unchecking the box, you can prevent cookies from being set in the respective category (e.g. “statistics”, “personalisation”). However, if you allow us to use statistics (analytics services such as Google Analytics) and personalised content (recognition of the pages you access on our website and with advertising partners or social media providers such as LinkedIn), we can provide you with tailored information, remind you of content you have already viewed and optimise our website based on the anonymous analysis of your user behaviour on our pages and in our services and platforms.
For a list of the cookies used on our website, click here: https://www.fischer-international.com/en/legal-notes/privacy-policy
It is therefore not mandatory to accept cookies when using our website. If you generally do not wish cookies to be used, you can also prevent cookies from being set on your terminal device by selecting the appropriate settings in your browser. Please note that this may limit the functionality and range of functions of our website. Stored cookies can be deleted in the system settings of your browser at any time.
3.4 Analytics services
We analyse visitor behaviour as described below in order to optimise the services and functions of our website and to be able to offer them in an optimal way. The purpose of the processing is primarily the optimisation of our website with regard to the users’ needs, but also troubleshooting. The web analytics process also provides us with key figures such as the number of visitors to our website, their distribution over time, popular content and the time users spend on the site. It may also be possible to trace whether a user profile was created as a result of an advertising measure. The data is processed and used to prevent and combat fake profiles, illegal activities and spam, and to improve the security of the website. User data is transmitted to various third-party providers as described in this privacy notice for the purpose of analytics.
We only use Google Analytics with activated IP anonymization. This means that the user’s IP address is truncated within Member States of the European Union or in other States which are party to the Agreement on the European Economic Area. It is only transmitted in full to a Google server in the U.S. and truncated there in exceptional cases The IP address transmitted by your browser is not merged with other data from Google.
The data associated with Google Analytics is processed based on your consent in accordance with Art. 6 (1) lit. a) GDPR.
Please bear in mind that accepting Google Analytics is not a mandatory requirement for using our website. If you do not wish cookies to be placed on your terminal device by Google Analytics, you can block the setting of cookies in your privacy settings in the “Statistics” category (click here to access the respective cookie settings). The corresponding option can also be deactivated in the system settings of your browser. Stored cookies can be deleted in the system settings of your browser at any time. In addition, you can deactivate the use of Google Analytics cookies using a browser add-on if you wish to prevent website analysis from being conducted. This add-on can be downloaded here: http://tools.google.com/dlpage/gaoptout?hl=de.
You can prevent Google Analytics from collecting your data by using the browser add-on to deactivate Google Analytics. If you wish to deactivate Google Analytics, simply download and install the add-on for your web browser. The add-on to deactivate Google Analytics is compatible with all common browsers. For the add-on to work properly, it needs to be loaded and executed correctly in your browser.
- IP address of your device (only recorded and stored as anonymised data),
- Screen size
- Device type (Unique Device Identifiers)
- Information on browser used
- User location (only the country)
- preferred language for viewing our website.
Hotjar stores this information in a pseudonymized user profile. Hotjar does not process this information to identify individual users or to match it with further data on an individual user. Instead, we use Hotjar to analyse how our website is used and to be able to continuously improve individual functions and offers as well as the user experience in general. By statistically analysing user behaviour, we are able to improve our website and make it more interesting for you as a user. The data is processed based on your consent in accordance with Art. 6 (1) lit. a) GDPR.
If you do not wish cookies to be stored on your terminal device by Hotjar, you can prevent the setting of cookies in your privacy settings in the “Statistics” category (click here to access the corresponding cookie settings).
You can also prevent Hotjar from storing a user profile and information about your visit to our website and from setting Hotjar tracking cookies on other websites via this link: https://www.hotjar.com/legal/compliance/opt-out
For more information on how Hotjar uses data, on setting, withdrawal and objection options, as well as on data protection, please visit the following Hotjar website: https://www.hotjar.com/legal/policies/privacy.
3.5 Social media and social networks
The website includes links to our social media accounts such as Instagram, YouTube, Twitter and Facebook. After clicking on the embedded graphic, you will be redirected to the page of the respective provider. This means that only of you actually click on the icon will user information be transmitted to the respective provider. If you are logged into the respective social network with your user profile, your user profile is associated with your visit to our website after the button has been clicked. If you do not wish social networks to collect data about your visit to our website, log off your social media account before visiting the website.
3.6 Inclusion of YouTube videos
We have embedded YouTube videos on our website. These videos are hosted by YouTube but can be played directly on our website. YouTube is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). This service is inactive by default but can be activated by the user. If you access a sub-page on our website with an embedded YouTube video, basic data, e.g. your IP address, may be transmitted to Google through the embedding technology. Google processes the IP address of users. Without a user’s IP address, Google cannot send content to their browser. If you consent to the transfer of data to Google, we have no influence on how Google uses the data. Google may, for example, use so-called pixel tags for statistics or marketing purposes. “Pixel tags” can be used to analyse information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain information such as technical information about the browser and operating system, information on referring websites, time of visit and other information on how our website is used.
YouTube may store your data as usage profiles and use them for advertising, market research and/or tailoring their services to your interests. If you do not wish the information collected and transmitted to be associated with your profile on YouTube or Google, you need to log out before playing the video. The legal basis for embedding the YouTube service on our website is your consent pursuant to Art. 6 (1) lit. a) GDPR.
If you do not wish cookies to be stored on your terminal device by YouTube-Videos, you can prevent the setting of cookies in your privacy settings in the “Statistics” category (click here to access the corresponding cookie settings).
For more information on data processing and information on data protection by YouTube and/or Google visit www.google.de/intl/de/policies/privacy/; For settings regarding the display of advertisements on Google visit https://adssettings.google.com/authenticated.
3.7 Google Maps
Our website also uses Google Maps (API), another service provided by Google LLC. Google Maps is a web mapping platform and displays interactive maps to visually present geographical information.
When you access sub-pages in which the Google Maps map is embedded, information about your use of our website is immediately transmitted to Google servers in the USA and stored there; this includes in particular to your IP address. This is done regardless of whether or not you have a Google user account and are logged in to it. If you are logged in to Google, your data may be directly associated with your account.
The basis for data processing is our legitimate interest within the meaning of Art. 6 (1) lit. f) GDPR, i.e. our interest in analysing, optimising and operating our website. Google is certified under the EU-US Privacy Shield Agreement and thereby guarantees compliance with European data protection law. For detailed information on data protection in connection with the use of Google Maps, please visit the Google website: https://www.google.de/intl/de/policies/privacy/
3.8 Online advertising (retargeting/remarketing)
We also use third-party retargeting/remarketing services for optimising our website. For this purpose, data is collected on the website using cookie/tracking technology to optimise advertising and our website in general. This data is not used to personally identify you. The data serves solely to evaluate the use of the website and to target users, who have already shown interest in specific content and offers, with interest-based advertising on our website as well as on other websites and social media accounts of our partners. Advertisements are displayed on our website or on the websites of our partners on the basis of an analysis of prior user behaviour. According to the providers of the services used, the created usage profiles are generally anonymous or pseudonymized. At no time will this data be merged by us with other stored personal data. The third party providers we work with, how user data is processed in this context and how you can deactivate retargeting/remarketing technologies is explained in the following sections.
a) This website uses Google Ads (previously: Google AdWords). Ads is an online advertising program of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). As part of Google Ads, we use so-called conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. These cookies are not used to personally identify a user. However, when you visit certain pages of this website and the cookie has not yet expired, Google and we will be able to tell that you clicked on the ad and were directed to this page. The information collected using the conversion cookie is used to generate conversion statistics for Ads clients who have opted for conversion tracking. Clients are informed of the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to identify a user. If you do not wish to be tracked, you can object by deactivating the Google conversion tracking cookie in the settings of your Internet browser. You will then not be included in the conversion tracking statistics.
Usage of this tracking tool is based on your consent in accordance with Art. 6 (1) lit. a) GDPR.
If you do not wish cookies to be saved on your terminal device by Google Ads, you can prevent the placement of cookies in your privacy settings under “Personalisation” (click here to access the respective cookie settings).
You can also prevent the storage of cookies by Google Ads by setting your browser software accordingly:
Your personal data is processed on the basis of your consent within the meaning of Art. 6 (1) a) GDPR.
If you do not wish cookies to be stored on your terminal device by Campaign Manager, you can prevent the setting of cookies in your privacy settings under “Personalisation” (click here to access the respective cookie settings).
If data is transferred to the USA, so-called standard contractual clauses pursuant to Art. 46 GDPR were concluded with Google to provide appropriate safeguards with regard to Google's advertising services (https://privacy.google.com/businesses/processorterms/mccs/ ). Google is also certified under the EU-US Privacy Shield Agreement.
For more information on Campaign Manager visit https://www.google.de/doubleclick; for more information on data privacy with Google visit: https://www.google.de/intl/de/policies/privacy
c) On our website, we use the so-called Facebook pixels of social network provider Facebook, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The Facebook pixel makes it possible for Facebook to identify visitors to our website as a target group for advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown interest in our services or who have certain characteristics (e.g. interests in specific topics determined on the basis of the websites visited). This information is transmitted by us to Facebook (so-called “Custom Audiences”). The Facebook pixel also helps us to ensure that our Facebook ads match the potential interests of users and do not annoy them. The Facebook pixel also allows us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).
The Facebook technologies are used on our website on the basis of your consent pursuant to Art. 6 (1) lit. a) GDPR. We use the data obtained only for promoting own products and do not transmit the data to third parties.
If you do not wish cookies to be stored on your terminal device by Facebook Pixel, you can prevent the setting of cookies in your privacy settings under “Personalisation” (click here to access the respective cookie settings). You can also block Facebook Pixel from collecting your data and using it to display Facebook ads. To set which types of advertisements you see on Facebook, you can go to the page set up by Facebook and follow their instructions on the setting of usage-based advertising.
Insofar as data is transferred to the USA, so-called standard contractual clauses pursuant to Art. 46 GDPR were concluded with Facebook for Facebook business tools to provide suitable guarantees (https://www.facebook.com/legal/EU_data_transfer_addendum ). Facebook is also certified under the EU-US Privacy Shield Agreement.
The LinkedIn technologies are used on our website on the basis of your consent pursuant to Art. 6 (1) lit. a) GDPR.
The information collected through LinkedIn conversion tracking is also processed on servers of LinkedIn Inc. in the USA. Insofar as data is transferred to the USA, so-called standard contractual clauses pursuant to Art. 46 GDPR were concluded with LinkedIN to provide appropriate safeguards. LinkedIN is also certified under the EU-US Privacy Shield Agreement.
If you do not wish cookies to be stored on your terminal device by LinkedIn, you can prevent the setting of cookies in your privacy setting under “Personalisation” (click here to access the respective cookie settings). You can also disable the evaluation of your user behaviour in connection with LinkedIn ads by clicking on the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out . Alternatively, you can prevent the analysis of your user behaviour in connection with LinkedIn by choosing the appropriate cookie settings in your browser.
For more information on data protection with LinkedIn visit: https://www.linkedin.com/legal/privacy-policy#choices
3.9 Google reCAPTCHA
3.10 Google Tag Manager
For transparency reasons, we would like to point out that our website uses Google Tag Manager. Google Tag Manager is a solution that allows us to use website tags via an interface and integrate, for example, Google marketing services, in our website. The tag manager itself (which implements the tags) does not process any of the user’s personal data.
4. Services requiring registration, newsletter and communication
In addition to the purely informational use of our website, we offer various services or functions that you can use, if interested. This usually requires you to provide further personal data, which we use in the provision of the relevant service or function as described below.
4.1 Registration with “myfischer”
Users have the option of registering on the “myfischer” partner portal, creating an account and using various digital services via this account. The partner portal is a closed section of the website and only accessible to users after prior approval. When registering and creating your partner account, you will be asked to provide the following mandatory information marked “*”:
- First and last name of user
- User e-mail address
- Industry in which the user operates
- Name and address
Registration and the creation of the partner account are not possible without providing this mandatory data. We process the mandatory data provided by you on the basis of Art. 6 (1) lit. b) and f) GDPR, on the one hand to create your profile and to identify you every time you log in, and on the other hand to match and link your data with the data available in our CRM system. Depending on the service and function you use on the partner portal, additional data may be collected and subsequently linked to your existing profile data.
In the context of your registration, you also have the option to provide additional, voluntary information, e.g. your telephone number or customer number. This information is not required for the registration and the creation of the partner account. However, if you do not provide this information, we may not be able to fully comply with your requests when using the partner account. If you provide such voluntary information, the basis for processing this data is our legitimate interest in managing and maintaining our customer relationships and optimising our website. The legal basis for it is Art. 6 (1) lit. f) GDPR.
If, upon registering, you agree to fischerwerke sending you e-mail advertisements, your data is processed by us in order to send you information on this basis about interesting products or services relating to fischerwerke fastening systems. The legal basis in this case is Art. 6 (1) lit. a) GDPR. You can withdraw your consent at any time. A short message to us will suffice. For more information, please consult the section on data subjects' rights in section 8 below.
Our website offers the option to register for numerous training sessions and seminars. When registering, you will be asked to complete a form. The form includes the following mandatory information, which is stored in our system:
- First name
- Last name
- E-mail address
This information is mandatory. You cannot register for our seminars without providing this information. In the context of your registration, you also have the option of providing additional, voluntary information, e.g. your title, department, etc. Please note that this information is not required to register, and you alone decide whether you wish to share this data. We process the collected data on the basis of Article 6 (1) lit. b) GDPR in order to create your account, to identify you and to execute the usage contract with you. We delete the data provided by you as soon as the purpose of collection ceases to apply in full and no other legal basis applies (e.g. further processing of the data is or becomes necessary for the fulfilment of a concluded contract). If and as long as statutory retention obligations apply, the data will only be deleted after the relevant periods have expired.
To register for our newsletter, it is sufficient to provide your e-mail address. We only send newsletters after a corresponding registration has been received, i.e. on the basis of your consent pursuant to Art. 6 (1) lit. a) GDPR. If the contents of the newsletter (i.e. the advertised goods and services) are specified in the registration, these contents are relevant for the scope of such consent. Otherwise, our newsletters feature information about our products, offers, promotions and/or our company.
Registration is done by means of the so-called double-opt-in procedure, i.e. after your registration you will receive an e-mail asking you to confirm your registration in order to prevent misuse of your e-mail address. The registration for the newsletter is logged by us in order to be able to provide evidence of the registration process in accordance with the statutory requirements and, if necessary, to prevent or resolve any misuse of your personal data. The registration process is logged on the basis of our legitimate interests in accordance with Art. 6 (1) lit. f) GDPR in the operation of a user-friendly and secure newsletter system and in order to subsequently be able to provide evidence of the registration process and the consent provided.
You can withdraw your consent to receive our newsletter at any time, in particular by unsubscribing from the newsletter. An unsubscribe link to exercise this right is provided at the end of each newsletter. If you have only registered for our newsletter, your personal data will be deleted if you unsubscribe.
Our newsletters include so-called tracking pixels (web bugs), which enable us to recognise whether and when an email was opened and which links in the email were followed by the specific recipient. This data is stored by us to enable us to optimally tailor our newsletters to the preferences and interests of our subscribers. Accordingly, the data thus collected is used to send personalised newsletters to the respective recipient.
We ask for your consent in this regard at the appropriate stage. By withdrawing consent to receive the newsletter, consent to the aforementioned tracking is also withdrawn.
4.4 Other options to contact us – contact form
Whenever you provide us with personal data by e-mail or via a contact form, this is always done on a voluntary basis. Your details are processed by us for the purpose of processing your enquiry and handling it or for order processing in accordance with Art. 6 (1) lit. b) GDPR and may also be disclosed to affiliated companies or third parties for this purpose. In this respect, we may also store your data in our Customer Relationship Management (CRM) system.
The provider of our CRM is Sitecore, 101 California Street Floor 16, San Francisco, CA 94111 USA. We delete the data provided by you as soon as the purpose of collection ceases to apply in full and no other legal basis applies (e.g. further processing of the data is or becomes necessary for the fulfilment of a concluded contract). If and as long as statutory retention obligations apply, the data will only be deleted after the relevant periods have expired.
When users leave comments or other posts on our website, their IP addresses will be stored for 180 days. The basis for this storage is our legitimate interest within the meaning of Art. 6 (1) lit. f) GDPR. This is done for our protection in case someone leaves unlawful content in comments and posts (insults, forbidden political propaganda, etc.). In this case, we ourselves may be legally responsible for the comment or post and are therefore interested in the identity of the author.
4.5 Comment / blog function
Our website offers you the opportunity to comment on individual posts. In this case, the IP address of the person providing the comment/IP connection holder is stored. This is done for our own protection in the event that the author's comments infringe upon third-party rights and/or unlawful content is posted, as we can be prosecuted for unlawful content on our website, even if it was created by a user.
The data is not disclosed to third parties. The data collected in this way is also not matched against data that may have been collected by other modules of our website.
Our website also offers you the option of subscribing to subsequent comments on a post you write a comment on. If you choose this option, you will receive a confirmation e-mail to verify that you are indeed the user of the e-mail address provided. The decision to subscribe to such follow-up comments may be withdrawn at any time. Please see our confirmation email for details. The information obtained in this way is not disclosed to third parties. The data collected in this way is also not matched against data that may have been collected by other modules of our website.
4.6 Job advertisements / online application
In addition to our privacy notice, we would like to specify the following with regard to the processing of your personal data and your rights in connection with your job application: Privacy notice for the application procedure
4.7 Guest WLAN
In some cases, we offer you the option of using our guest WLAN in accordance with our terms and conditions of use. If you use this option, your data is transmitted via a proxy that stores log data about the devices (time stamp, IP address, URL). The log data is processed by us at our location in Germany and is required for essential support and to secure our networks against attacks. Your data is be automatically deleted after 30 days.
4.8 Chat function
We use the Microsoft Teams chat function of Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown Dublin 18, Ireland on some pages of our website. The chat and the associated data processing is started only if you have previously consented to it in the cookie banner. The chat is not loaded by default. Hence, no personal data is obtained from you. Your IP address obtained as part of your chat use is stored in anonymised form in the cookies and is not used to personally identify you.
Our chat will help you with all your questions concerning apprenticeships in the fischer group of companies and your search for suitable apprenticeships. Participation in the chat is voluntary and does not require registration. You alone decide what personal data concerning you are disclosed by you in the context of the chat. In particular, you are not required to provide your real name, but can also use an alias in the “Name” field. The data you provide is processed exclusively for the purpose of providing advice and assuring the quality of the communication. Only data that is required for the process of providing advice or for handling your request will be used to conduct the chat. This data is processed exclusively by us and our service providers. The data transmission is encrypted. We use technical and organisational safety measures to protect the data from deliberate or accidental manipulation, access by unauthorised persons, changes, loss and destruction. The data is processed by Microsoft on servers in the EU and exclusively on our behalf and on the basis of an order processing agreement. In addition, we have concluded the standard contractual clauses with Microsoft to provide a legal basis for potential transmissions to a third country.
The legal basis for the processing of automatically collected meta data as well as the data voluntarily provided by you in the chat history constitutes your consent in accordance with Art. 6 (1) lit. a) GDPR. You provide this consent by accepting the necessary cookies and voluntarily providing personal data in the chat. If the chat is in connection with a potential job application with us, the legal basis for the processing is Art. 6 (1) lit. b) GDPR or Section 26 (1) of the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). Your personal data is only used for answering your questions. The chat history is not linked to a specific application. The information you provide is also used to improve our advisory services and for quality assurance purposes. In this regard, your personal data is processed on the basis of Art. 6 (1) f) GDPR. Our legitimate interest in processing the collected data is the continuous improvement of our advisory services in the context of the chat.
The data collected in connection with the chat will be deleted or blocked by us as soon as the purpose of storage ceases to apply. In addition, the data may be stored if this is required by European or national legislation. The data is also deleted or blocked if a statutory storage period expires, unless there is a need to continue storing the data for the conclusion or execution of a contract. If you have provided your consent, you have the right to withdraw it at any time. This does not affect the lawfulness of data processing on the basis of your consent up to the date of withdrawal.
5. Recipients of personal data
Only those in our organisation have access to personal data who need access for the respective stated purposes. Your personal data is only disclosed to third parties if this is necessary for the processing or handling of your request, if another legal basis applies or if you have provided your consent.
Data is transmitted within our group of companies for sales and marketing purposes on the basis of our legitimate interests in accordance with Art. 6 (1) lit. f) GDPR.
Third-party recipients may include, in particular, affiliated companies or external service providers that we use to provide services as processors, for example with regard to technical infrastructure and the maintenance of our website. These processors are carefully selected and regularly reviewed by us. They may use the data only for the purposes specified by us and in accordance with our instructions.
It is also possible that we are required to disclose personal data to authorities and government institutions, such as public prosecutors' offices, courts or tax authorities, for compelling statutory reasons. In this respect, data is transmitted on the basis of Art. 6 (1) lit. c) GDPR.
Furthermore, your personal information may be disclosed to third parties if promotional activities, competitions, contract conclusions or similar services are offered by us together with partners or service providers (e.g. transport service providers). In these cases, data is disclosed on the basis of your consent, to execute a contract with you or to protect our legitimate interests pursuant to Art. 6 (1) a), b) and/or f) GDPR. You will receive more detailed information in this respect when providing your personal data in connection with the specific processing operation.
6. Data processing in third countries
If data is transmitted to entities whose registered office or place of data processing is not located in a member state of the European Union or in another state that is a party to the Agreement on the European Economic Area, we ensure, prior to the transfer, that apart from exceptional cases permitted by law, either an adequate level of data protection is in place with the recipient (e.g. through an adequacy decision by the European Commission, through suitable guarantees such as the agreement of so-called EU standard contractual clauses with the recipient) or your consent to the data transfer has been obtained.
7. Storage period
For information on the storage period of personal data, please read the description for the respective offer or service in question. In addition, or unless otherwise stated in the respective description of the offer or service, the following applies in general: Your personal data is only stored for as long as is necessary for the processing purposes or—if based on consent—as long as you have not withdrawn your consent. If you withdraw your consent, your personal data is deleted unless further processing is permitted in accordance with applicable statutory regulations. Your personal data is also deleted if we are required to do so by law. If and as long as statutory retention obligations apply, the data will only be deleted after the relevant periods have expired.
8. Rights of data subjects
Data subjects have numerous rights. These include:
The rights described above are only available to you on condition that the legal requirements applicable in this respect are fulfilled, even if this is not expressly mentioned in the above description.
If you have any questions concerning the processing of your personal data, your rights as a data subject and any consent you may have given, you can contact us free of charge. To exercise any of your aforementioned rights, please contact us at email@example.com or by post at the address indicated in section 1 above. In doing so, please ensure that we are able to positively identify you.
9. Links to and integration of third-party websites
Websites and services of other providers linked to our website are provided by the respective service provider. We have no influence on the design, content and function of such third-party services. We expressly reject any responsibility for the content of linked third-party websites. Please note that third-party websites linked to our website may install their own cookies on your terminal device or collect personal data. We have no control over it. Please obtain information in this respect directly from the providers of these linked third-party websites, as applicable.
9.2 Third party services and content
Our website uses content or services from third-party providers on the basis of legitimate interests within the meaning of Art. 6 (1) f) GDPR, namely our interest in the analysis, optimisation and cost-effective operation of our website, to integrate website content and services, e.g. videos (hereinafter collectively referred to as “content”). This always requires that the third-party providers of this content know the user's IP address, as, without the IP address, they would not be able to send the content to the user's browser. The IP address is thus required to display this content. We endeavour to use only content where the respective providers only use the IP address to deliver content.
Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. “Pixel tags” can be used to analyse information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our website, as well as be linked to such information from other sources.
It may be necessary from time to time to amend the content of this privacy notice. We therefore reserve the right to change this privacy notice at any time. We will also publish the amended version of the privacy notice here. The current version of our data protection information applies at the time of your visit.
Last updated: May 2021