Privacy Policy of Kataloop GmbH

This privacy policy informs you about the nature, scope, and purpose of the processing of personal data within our online offerings and the related websites, functions, and content, as well as external online presences, such as our social media profile (hereinafter collectively referred to as “Online Offering”). Regarding the terms used, such as “processing” or “controller,” we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Controller:
‍Kataloop GmbH
Kuglerstr. 16, 10439 Berlin, Germany
Managing Director: Lydia Dietsch
Email: hello@kataloop.com

• Inventory data (e.g., names, addresses).

• Contact data (e.g., email, phone numbers).

• Content data (e.g., text input, photographs, videos).

• Usage data (e.g., visited websites, interest in content, access times).

• Meta/communication data (e.g., device information, IP addresses).

• Provision of the online offering, its content, and functions.

• Responding to contact requests and communicating with users.

• Marketing, advertising, and market research.

• Security measures.

In accordance with Article 13 of the GDPR, we inform you of the legal bases of our data processing. For users from the scope of the General Data Protection Regulation (GDPR), i.e., the EU and the EEA, the following applies: The legal basis for obtaining consent is Article 6(1)(a) and Article 7 GDPR; the legal basis for processing for the fulfillment of our services and execution of contractual measures as well as responding to inquiries is Article 6(1)(b) GDPR; the legal basis for processing to fulfill our legal obligations is Article 6(1)(c) GDPR; and the legal basis for processing to safeguard our legitimate interests is Article 6(1)(f) GDPR.

If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them, or otherwise grant them access to the data, this is done only on the basis of a legal permission (e.g., if a transmission of the data to third parties, such as payment service providers, is necessary for contract fulfillment according to Article 6(1)(b) GDPR), you have given consent, a legal obligation provides for this, or based on our legitimate interests (e.g., when using agents, web hosts, etc.).

If we commission third parties to process data on the basis of a so-called “processing contract,” this is done on the basis of Article 28 GDPR.

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or this occurs in the context of the use of services of third parties or disclosure, or transfer of data to third parties, this is done only if it is necessary for the fulfillment of our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or based on our legitimate interests. Subject to legal or contractual permissions, we process or allow the data to be processed in a third country only if the special requirements of Articles 44 ff. GDPR are met. That means, the processing is done, for example, on the basis of special guarantees, such as the officially recognized determination of a level of data protection corresponding to the EU (e.g., for the USA through the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).

We use temporary and permanent cookies, i.e., small files that are stored on users’ devices. In part, the cookies serve security or are necessary for the operation of our online offering (e.g., for the display of the website) or to save the user decision when confirming the cookie banner. In addition to cookies that are only stored for the duration of a session and deleted after the session ends (session cookies), cookies can also be used to store user information over multiple sessions (permanent cookies). As far as we use cookies or “tracking” technologies, we inform you within the scope of obtaining consent.

You can object to the use of cookies for reach measurement and advertising purposes via the deactivation page of the Network Advertising Initiative (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

The data processed by us will be deleted or restricted in their processing in accordance with Articles 17 and 18 GDPR. Unless expressly stated within this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention obligations. If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. That means, the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

According to legal requirements in Germany, the retention is particularly for 10 years according to §§ 147(1) AO, 257(1) Nos. 1 and 4, (4) HGB (books, records, management reports, accounting documents, commercial books, documents relevant for taxation, etc.) and 6 years according to § 257(1) Nos. 2 and 3, (4) HGB (commercial letters).

We process the data of our customers in the context of the order processes in our online shop to enable them to select and order the chosen products and services, as well as their payment and delivery, or execution.

The processed data includes inventory data, communication data, contract data, and data for the fulfillment of the service, and the affected persons include our customers, prospects, and other business partners. The processing is done for the purpose of providing contractual services in the context of the operation of an online shop, delivery of stock media, and customer services. We use session cookies for storing the shopping cart content.

The processing is based on Article 6(1)(b) (execution of order processes) and (c) (archiving for legal reasons) GDPR. The information marked as required is necessary for the establishment and fulfillment and, if applicable, modification of the contractual relationship. We disclose the data to third parties only in the context of delivery, payment, or in the context of legal permissions and obligations to legal advisors and authorities. The data is processed in third countries only if this is necessary for the fulfillment of the contract (e.g., upon customer request at delivery or payment).

When paying via Stripe, we pass on your order data for the purpose of payment processing to Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter “Stripe”). In the USA, the service is offered by Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA.

During the order process, Stripe collects the following information about your order and the corresponding chosen payment provider (Visa, Mastercard, PayPal):

1. Name

2. Address

3. Account number

4. Bank code

5. Possibly credit card number

6. Invoice amount

7. Currency

8. Transaction number

9. Date of transaction

The collection of your data is solely for the purpose of payment processing with Stripe Payments Europe Ltd. and only to the extent necessary for this purpose.

Stripe reserves the right to conduct a credit check. For this purpose, your payment data may be transmitted to credit agencies based on Stripe’s legitimate interest in determining your solvency in accordance with Article 6(1)(f) GDPR. The result of the credit check regarding the statistical probability of default is used by Stripe for the purpose of deciding on the provision of the respective payment method. The credit report can contain probability values (so-called score values). As far as score values are included in the result of the credit report, they have their basis in a scientifically recognized mathematical-statistical procedure. Among other things, address data is included in the calculation of the score values.

You can object to this processing of your data at any time by sending a message to Stripe. However, Stripe remains entitled to process your personal data if this is necessary for the contractual payment processing. We have concluded a contract with Stripe based on the EU standard data protection clauses.

You can find Stripe’s privacy policy here: https://stripe.com/de/privacy

We process data as part of administrative tasks and organization of our operations, financial accounting, and compliance with legal obligations, such as archiving. In this context, we process the same data that we process as part of the provision of our contractual services. The legal bases for processing are Article 6(1)(c) GDPR, Article 6(1)(f) GDPR. The data subjects affected by the processing include customers, prospects, business partners, and website visitors. The purpose and our interest in the processing lie in administration, financial accounting, office organization, archiving of data, i.e., tasks that serve the maintenance of our business activities, the performance of our tasks, and the provision of our services. The deletion of data concerning contractual services and contractual communication corresponds to the information provided in these processing activities.

We disclose or transmit data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices and payment service providers.

Furthermore, we store information about suppliers, event organizers, and other business partners based on our business interests, e.g., for later contact. These predominantly company-related data are generally stored permanently.

When contacting us (e.g., via contact form, email, phone, or social media), the user’s information is processed to handle the contact request and its processing in accordance with Article 6(1)(b) GDPR. The user’s information may be stored in a Customer Relationship Management System (CRM System) or comparable request organization. Legal archiving obligations apply.

If you participate in surveys, we process the data you provide exclusively for the purpose of responding to your inquiry or evaluating the survey.

We use the website builder and Content Delivery Network (CDN) Webflow to host, design, and provide offers on this website.

This service is provided by Webflow Inc., 398 11th Street, 2nd Floor, San Francisco, California, 94103, USA (“Webflow”).

When you contact us, Webflow processes the following data:

1. Name

2. Email

3. Address

4. Other information in the contact form

The legal basis for this processing is Article 6(1)(b) GDPR, as we need the above-mentioned data to initiate, conduct, or terminate a contractual relationship with you.

As part of the hosting/website builder system, Webflow processes only the data mentioned in “2. Types of Data Processed”.

As part of hosting, Webflow also acts as a Content Delivery Network. A Content Delivery Network (CDN) is a network of regionally distributed and internet-connected servers that distribute content.

By distributing network traffic, a faster loading time of the website, fail-safety, and higher protection against data loss is ensured. This constitutes a legitimate interest in accordance with Article 6(1)(f) GDPR.

Webflow is certified under the EU-US Privacy Shield but does not provide an adequate level of data protection: https://www.privacyshield.gov/participant?id=a2zt0000000TT9jAAG&status=Active

Webflow’s current privacy policy can be found here: https://webflow.com/legal/eu-privacy-policy

Webflow works with Amazon Web Services (AWS) as a subcontractor for hosting. Data is processed in Germany and Ireland. For technical reasons, the infrastructure may be maintained from the USA. AWS is certified under the US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4&status=Active

The USA does not have an adequate level of data protection according to the European Court of Justice. However, AWS offers each customer a GDPR data processing addendum that contains standard data protection clauses (Data Processing Addendum): https://docs.aws.amazon.com/whitepapers/latest/navigating-gdpr-compliance/aws-data-processing-addendum-dpa.html

In addition, further data protection guarantees are required according to the European Court of Justice, which are currently not yet available.

Webflow also works with Fastly as a subcontractor for hosting. Data is processed in the USA. Fastly is certified under the US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TNGUAA4&status=Active

The USA does not have an adequate level of data protection according to the European Court of Justice. However, Fastly offers each customer a GDPR data processing addendum that contains standard data protection clauses (Data Processing Addendum): https://www.fastly.com/de/data-processing

In addition, further data protection guarantees are required according to the European Court of Justice, which are currently not yet available.

We, or our hosting provider Webflow, collect data on the basis of our legitimate interests in accordance with Article 6(1)(f) GDPR on every access to the server on which this service is located (so-called server log files). The access data includes the name of the accessed website, file, date, and time of access, amount of data transferred, notification of successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address, and the requesting provider.

Logfile information is stored for security reasons (e.g., to investigate misuse or fraud) for a maximum of 7 days and then deleted. Data whose further retention is required for evidence purposes are exempt from deletion until the respective incident is finally clarified.

We use Google Analytics, a web analysis service of Google LLC (“Google”), based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Article 6(1)(f) GDPR). Google uses cookies. The information generated by the cookie about the use of the online offering by users is generally transmitted to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the use of our online offering by users, to compile reports on the activities within this online offering, and to provide us with other services related to the use of this online offering and the internet. In doing so, pseudonymous usage profiles of the users can be created from the processed data.

We use Google Analytics only with activated IP anonymization. This means that the IP address of the users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

The IP address transmitted by the user’s browser will not be merged with other data from Google. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of the data generated by the cookie and related to their use of the online offering by Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

For more information on data use by Google, settings, and opt-out options, please refer to Google’s privacy policy (https://policies.google.com/privacy) and the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).

The personal data of users will be deleted or anonymized after 14 months.

Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6(1)(f) GDPR), we use the marketing and remarketing services (short: “Google Marketing Services”) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).

Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

The Google Marketing Services allow us to display advertisements for and on our website in a more targeted manner, so that users are only presented with ads that potentially match their interests. If, for example, users see ads for products they have shown interest in on other websites, this is referred to as “remarketing.” For these purposes, when our and other websites on which Google Marketing Services are active are accessed, a code from Google is executed directly by Google and so-called (re)marketing tags (invisible graphics or code, also referred to as “web beacons”) are integrated into the website. With their help, an individual cookie, i.e., a small file, is stored on the user’s device (instead of cookies, comparable technologies can also be used). The cookies can be set from various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com, or googleadservices.com. This file records which websites the user visits, which content they are interested in, and which offers they have clicked on, as well as technical information about the browser and operating system, referring websites, visit time, and other information about the use of the online offering. The IP address of the users is also recorded, whereby we inform you within the framework of Google Analytics that the IP address is shortened within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only in exceptional cases is it transmitted in full to a Google server in the USA and shortened there. The IP address is not merged with the user’s data within other offers from Google. The aforementioned information may also be combined by Google with such information from other sources. If the user subsequently visits other websites, tailored ads to their interests can be displayed.

The data of the users are processed pseudonymously within the framework of Google Marketing Services. This means that Google does not store and process the name or email address of the users, but processes the relevant data cookie-related within pseudonymous user profiles. This means that from Google’s perspective, the ads are not managed and displayed for a specifically identifiable person but for the cookie owner, regardless of who this cookie owner is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymization. The information collected by Google Marketing Services about users is transmitted to Google and stored on Google’s servers in the USA.

Among the Google Marketing Services we use is, among others, the online advertising program “Google AdWords.” In the case of Google AdWords, each AdWords customer receives a different “conversion cookie.” Cookies can thus not be tracked via the websites of AdWords customers. The information obtained with the help of the cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. The AdWords customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information with which users can be personally identified.

We can place ads on the Google advertising network based on the Google Marketing Services “AdWords,” which are displayed in search results or on third-party websites. Furthermore, we can use the “Google Remarketing” feature. This function allows us to tailor the ads within the Google advertising network to display ads only to those users who have shown an interest in our online offering or who have certain characteristics (e.g., interests in specific topics or products determined by the websites visited) that we transmit to Google (so-called “remarketing” or “Google Analytics audiences”). With the help of remarketing, we also want to ensure that our ads correspond to the potential interest of users and do not have a harassing effect.

We can also use the “Google Tag Manager” to integrate and manage Google analytics and marketing services on our website.

Further information on the use of data for marketing purposes by Google can be found on the overview page: https://www.google.com/policies/technologies/ads, Google’s privacy policy can be found at https://www.google.com/policies/privacy.

If you wish to object to interest-based advertising by Google Marketing Services, you can use the setting and opt-out options provided by Google: http://www.google.com/ads/preferences.

We use social plugins (“plugins”) of the social network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering pursuant to Art. 6(1)(f) GDPR). The plugins can represent interaction elements or content (e.g., videos, graphics, or text contributions) and are recognizable by one of the Facebook logos (white “f” on a blue tile, the terms “Like”, “Gefällt mir” or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. The list and appearance of the Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

When a user calls up a function of this online offering that contains such a plugin, their device establishes a direct connection to Facebook’s servers. The content of the plugin is transmitted by Facebook directly to the user’s device and integrated into the online offering. User profiles can be created from the processed data. We have no influence on the extent of the data that Facebook collects with the help of this plugin and therefore inform users according to our knowledge.

By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offering. If the user is logged into Facebook, Facebook can assign the visit to their Facebook account. When users interact with the plugins, for example by pressing the Like button or leaving a comment, the corresponding information is transmitted directly from their device to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and store their IP address. According to Facebook, only an anonymized IP address is stored in Germany.

The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and setting options for protecting the privacy of users, can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to collect data about them through this online offering and link it to their member data stored on Facebook, they must log out of Facebook and delete their cookies before using our online offering. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings are platform-independent, meaning they are adopted for all devices, such as desktop computers or mobile devices.

Within our online offering, the so-called “Facebook Pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), is used based on our legitimate interests in analysis, optimization, and economic operation of our online offering and for these purposes.

Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

With the help of the Facebook Pixel, Facebook is able to determine the visitors of our online offering as a target group for the presentation of advertisements (so-called “Facebook Ads”). Accordingly, we use the Facebook Pixel to display the Facebook Ads we place only to those Facebook users who have shown an interest in our online offering or who have certain characteristics (e.g., interests in certain topics or products determined by the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook Pixel, we also want to ensure that our Facebook Ads correspond to the potential interest of users and are not annoying. With the help of the Facebook Pixel, we can further understand the effectiveness of Facebook advertisements for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook advertisement (so-called “conversion”).

The processing of data by Facebook takes place within the framework of Facebook’s data usage policy. Accordingly, general information on the display of Facebook Ads, in the data usage policy of Facebook: https://www.facebook.com/policy.php. Special information and details about the Facebook Pixel and how it works can be found in the Facebook Help Center: https://www.facebook.com/business/help/651294705016616.

You can object to the collection by the Facebook Pixel and the use of your data to display Facebook Ads. To set what types of ads are shown to you within Facebook, you can go to the page set up by Facebook and follow the instructions on the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, meaning they apply to all devices, such as desktop computers or mobile devices.

You can also object to the use of cookies for reach measurement and advertising purposes via the deactivation page of the Network Advertising Initiative (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

We use the tool “Sessions” from sessions.us for conducting our online meetings as well as for the initial contact with potential customers. When using this tool, personal data such as name and email address is processed. The legal bases for processing this data are Art. 6(1)(b) GDPR, as the processing is necessary for the performance of a contract, and Art. 6(1)(f) GDPR, based on our legitimate interest in contacting potential customers and presenting our services.

For users in the European Economic Area (EEA), the United Kingdom, and Switzerland, Sessions Technologies Romania SRL, Str. Ceasornicului 17, Floor 1, Sector 1, Bucuresti, Romania, is the controller responsible for the information processed through the tool.

For more information on data processing by sessions.us, please refer to their privacy policy: https://resources.sessions.us/resources/help-center/knowledge-base/terms-privacy/privacy-policy.

We use the tool “Trello” from Atlassian Pty Ltd, Level 6, 341 George Street, Sydney, NSW 2000, Australia, to manage and organize projects and tasks. When using this tool, personal data is processed, including names, email addresses, and information entered in the context of projects and tasks.

The legal bases for processing this data are Art. 6 para. 1 lit. b GDPR, as the processing is necessary for the performance of a contract, and Art. 6 para. 1 lit. f GDPR, based on our legitimate interest in efficiently managing our projects and organizing our services.

Trello also processes data outside the European Union. Atlassian Pty Ltd is certified under the EU-U.S. Privacy Shield and thus offers a guarantee to comply with European data protection law. For more information on data processing by Trello, please see Trello’s Privacy Policy: https://trello.com/privacy. Information on Atlassian’s certification under the Privacy Shield can be found here: https://www.privacyshield.gov/ps/participant?id=a2zt00000008RdQAAU&status=Active.

We use content or service offerings from third-party providers within our online offering based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6(1)(f) GDPR) to incorporate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”).

This always requires that the third-party providers of this content perceive the IP address of the users, as they would not be able to send the content to their browser without the IP address. The IP address is thus required for the display of these contents. We strive to use only those contents whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also referred to as “web beacons”) for statistical or marketing purposes. Through the “pixel tags,” information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information may also be stored in cookies on the user’s device and may include, among other things, technical information about the browser and operating system, referring websites, visit time, and other information about the use of our online offering, as well as being linked to such information from other sources.

The following overview provides an outline of third-party providers and their content, along with links to their privacy policies, which contain further information on the processing of data and, in part already mentioned here, opt-out options:

• Maps by the service “Google Maps” of the third-party provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.

• Videos from the platform “YouTube” of the third-party provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated.

• Within our online offering, functions of the Instagram service may be integrated. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If users are members of the Instagram platform, Instagram can associate the calling of the above-mentioned content and functions with the profiles of the users there. Instagram’s privacy policy: http://instagram.com/about/legal/privacy/.

• We use social plugins of the social network Pinterest, which is operated by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA (“Pinterest”). When a user calls up a function of this online offering that contains such a plugin, their device establishes a direct connection to Pinterest’s servers. The plugin transmits log data to Pinterest’s server in the USA. These log data may include the IP address, the address of the visited websites, which also contain Pinterest functions, type and settings of the browser, date and time of the request, your use of Pinterest, and cookies. Pinterest’s privacy policy: https://about.pinterest.com/de/privacy-policy.

• Within our online offering, functions of the Twitter service may be integrated (hereinafter referred to as “Twitter”). Twitter is an offer of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The functions include the display of our contributions within Twitter within our online offering, the linking to our profile on Twitter, and the possibility to interact with the contributions and the functions of Twitter, as well as to measure whether users reach our online offerings through the advertisements placed on Twitter (so-called conversion measurement). Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy Policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization.

• We use functions of the LinkedIn network. Provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn’s servers is established. LinkedIn is informed that you have visited our internet pages with your IP address. If you click the “Recommend Button” of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to associate your visit to our internet site with you and your user account. We point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data and their use by LinkedIn. Privacy Policy: https://www.linkedin.com/legal/privacy-policy, Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

• We use functions of Google+ or the “Google Plus” button of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). When you call up one of our websites that contains a Google+ button, your browser establishes a direct connection to Google’s servers. The content of the button is transmitted by Google directly to your browser and integrated into the website. We, therefore, have no influence on the extent of the data that Google collects with the button. According to Google, no personal data is collected without a click on the button. Only for logged-in members, such data, including the IP address, are collected and processed. The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights in this respect and settings options for protecting your privacy can be found in Google’s privacy notices on the “Google+ Button”: https://www.google.com/intl/de/+/policy/+1button.html and the FAQ: http://bit.ly/1Q0c1Y8. If you are a Google Plus member and do not want Google to collect data about you through our online offering and link it to your member data stored by Google, you must log out of Google Plus before visiting our online offering and delete your cookies within the browser.

The controller informs the data subject in accordance with Articles 13 and 14 GDPR about the processing of personal data concerning them. For this purpose, the controller provides the data subject with all the information mentioned in Articles 13 and 14 GDPR.