Privacy Policy | BAUER Equipment America, Inc.

1. Information about the Controller and your rights

1.1 Contact details of Controller / Data Protection Officer

The Controller as defined in Article 4 (7) of the EU General Data Protection Regulation (GDPR) is

BAUER Equipment America, Inc.

Texas Business & Service Office
680 Conroe Park West Drive
Conroe, TX 77303

You can reach our data protection officer at bag-datenschutz@bauer.de or by writing to our mailing address “c/o Data Protection Officer.”

1.2. Rights of the data subject regarding the processing of personal data

You are entitled to the rights under the General Data Protection Regulation as well as the Federal Data Protection Act, in particular:

the right to access information (section 15 of the GDPR)
the right to rectification (section 16 of the GDPR)
the right to erasure (section 17 of the GDPR)
the right to restriction of processing (section 18 of the GDPR)
the right to object against the processing (section 21 of the GDPR) and
the right to data portability (section 20 of the GDPR).

To exercise these rights, please contact the data protection officer listed above.

Where processing of personal data is based on your consent, you have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

Where we base the processing of your personal data on the weighing of interests, you may object to this processing. This is the case in particular if processing is not necessary for the performance of a contract with you, which we indicate specifically in the above description of functions. When exercising this right to object, we ask you to explain the reasons why we should not process your personal information as we have done. If your objection is justified, we will examine the situation and either stop or adjust data processing or demonstrate compelling legitimate grounds on the basis of which we will continue processing.

You also have the right to lodge a complaint with the data protection officer listed above or with a data protection supervisory authority.

2. Information about the website

2.1. Provision of the website and log files

Description and scope of data processing
During each access to our website, our web server automatically collects information from the system of the accessing computer or end device

The following data is collected in this process for example and saved in log files:

The user’s IP address
Browser type and version used
Operating system of the end device
The user’s Internet service provider
Date and time of access
Requesting domain
Website from which the page is accessed
Status and volume of data transmitted

Purpose and legal basis of processing

It is necessary for our system to temporarily store the IP address in order to deliver the website to your computer. Additional data is saved in log files in order to guarantee that the website operates and is fully functional. This data is also used to optimize the website and to ensure the security of our IT systems (e.g. detecting attacks). The legal basis for the temporary storage and use of this data is Art. 6 (1)(f) GDPR. Our interest here lies in guaranteeing the integrity, confidentiality and availability of the data that is processed through this website.

Duration of storage

The data listed above is deleted as soon as it is no longer required in order to achieve the purpose for which it was collected.In the case of data collection to provide the website, this is the case when the specific session has ended.

As a rule, log files are deleted after 30 days at most. However, storage exceeding this period is possible. In this case, the IP address will be deleted or altered so that it can no longer be attributed to the accessing client and the collected data no longer has any personal reference.

2.2. Cookies/cookie consent and similar technologies

Description and scope of processing

Our website uses cookies – small data sets that are stored on the user’s end device when visiting websites (e.g. smartphone, notebook, PC). Cookies can be placed by us as the website operator (known as first-party cookies) or by third parties (known as third-party cookies). They can help to make the website more user-friendly, for example by saving the user’s settings (e.g. cookie preferences, login status, language selection). In addition, cookies are used to collect statistics about website use or to conduct online marketing.

Other technologies such as web beacons, pixels or tags are also used to save and transmit information on the user’s end device. We explain which information and personal data are processed with which specific technologies in the privacy information for the tools listed below. However, you can also see this by opening the detailed view of the Consent Management Tools (CMT). The CMT that we use is Cookie Consent Manager CCM19. Personal data is not processed in all cases.

Processing of personal data occurs when the information can be attributed to a user (e.g. by the full IP address, unique cookie IDs, MAC address or attribution to an account in which the user is logged in). You can change your browser settings so that you will be informed when cookies are set, only allow cookies on a case-by-case basis, accept cookies for specific cases or prevent them as a rule, or activate the automatic deletion of cookies when your browser is closed. Deactivation of cookies can lead to functional restrictions on this website.

Purpose and legal basis of processing

As a rule, we differentiate between (technically) required and optional (not required) cookies. Technically required cookies are necessary in order to provide you with our website or the functions and services that you wish to access on our website, and to ensure the security of the website. The legal basis is Section 25 (2) of the TDDDG on the one hand, and insofar as personal data is processed, Art. 6 (1)(c) and (f) GDPR. We explain which legal requirements and legitimate interests are relevant here in the privacy information for the tools listed below.

Not required cookies include those cookies which track the behavior of website visitors for the purpose of analysis and marketing. These cookies are only used with your consent in accordance with Section 25 (1) of the TDDDG, and insofar as personal data is processed, Art. 6 (1)(a) GDPR. We obtain your consent using a CMT or in connection with accessing the specific website function. In order to save your cookies preference, the CMT saves a permanent and technically required cookie. You can withdraw your consent at any time by accessing the CMT again (cookie symbol).

Duration of storage

The duration of storage (known as cookie lifetime) depends on the type and purpose of the cookie. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (known as session cookies). Other cookies remain on your computer and enable us to identify your computer the next time you visit (known as permanent cookies).

In addition, you have the option of deleting cookies yourself or automatically using your browser settings.

2.3. Contact form

Description scope of processing

If you contact us via an online form or by e-mail, we will store the information you have provided in order to respond to your inquiry and ask any follow-up questions.

Intended purpose and legal basis of processing

The legal basis is Article 6 (1) Sentence 1 (a) GDPR, unless establishing contact is justified for the performance of a contract in accordance with the legal basis of Article 6 (1) Sentence 1 (b) GDPR.

Duration of storage

We will erase the data collected for this purpose once its storage is no longer required, or restrict processing if we are required by law to retain the data.

2.4. Newsletter

Description scope of processing

If you would like to regularly receive the newsletter offered on our website and other informational materials, we need you to provide an email address as well as information allowing us to confirm that you are the owner of the email address provided and consent to the receipt of the newsletter. For this purpose, we use the double opt-in process for which you receive a confirmation email and then have to click on the confirmation link in the email.

You can provide additional information on registration, for example if you would like to be addressed personally or if you would like to be informed particularly about events near you. In this regard, we refer to optional information that can be entered in forms.

When mailing the newsletter, individual tracking of the open and click rate is carried out.

In this context, the IP address and technical information from the accessing system are transmitted to the server. In this way, the system registers that an email was opened (open rate tracking).

The links in the newsletter include recipient detection along with the actual URL (“Internet address”).

In this way, the system records which links were clicked by a user at what time (link tracking). This information is attributed to the individual newsletter recipients and saved in profiles. These profiles may contain additional information, e.g. regarding the company sector or sample products that are used at the recipient’s company.

Purpose and legal basis of processingage

We collect this data in order to measure the reach of the newsletter and specific contents. Individual data collection also enables us to better understand the interests of different user groups and adapt our marketing initiatives to user groups or individual users, for example adapting newsletter content to the recipients’ interests or for interest-based online marketing (known as behavioral targeting).

Open rate and link tracking, as well as saving measurement results in recipient profiles and further processing, is carried out on the basis of consent in accordance with Art. 6 (1)(a) GDPR. Separate revocation of performance measurement is not possible, in this case the newsletter subscription needs to be canceled or revoked. In this case, the saved profile information will be deleted. You can revoke your consent to newsletter mailing at any time by unsubscribing from the newsletter using the link at the end of the email.

Logging and documentation of consent, the opt-in process and any objection if relevant occurs as part of the legal obligation to provide evidence in accordance with Art. 6 (1)(c) GDPR.

Duration of storage

The personal data mentioned above will remain stored as long as you would like to receive the newsletter and do not revoke your consent. Data that can no longer be attributed to an identifiable person are considered to be anonymized and can be stored for longer periods.

2.5. Use of web analysis via Matomo

Description and scope of processing

On our website, we use the software “Matomo”, a service from the provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand. Matomo is a web analysis software that is compliant with data protection requirements. We use Matomo with the extension “AnonymizeIP”. As a result, IP addresses are only further processed in truncated form, ruling out the possibility of direct personal identification.

The following information is collected in this context:

The user’s IP address, truncated by the last two bytes (anonymized)
The specific page accessed and time of access
The page from which the user was forwarded to our website (referrer)
The browser used as well as which plugins, which operating system and which screen resolution, as well as the duration of the website visit
The pages that were called up from the specific page accessed
Duration of website visit
Frequency of website visits
The user’s region

We have concluded a contract data processing agreement with the provider InnoCraft Ltd., which means that they are only allowed to process the collected data based on our instructions and for the purposes we have specified.

Purpose and legal basis of processing

Web analysis using Matomo enables us to collect statistical data about how our website is used. By analyzing the collected data, we are able to compile information about the use of individual components on our website. This helps us to make our website more user-friendly and improve its content. These purposes also include our legitimate interest in data processing in accordance with Art. 6 (1)(f) GDPR. Anonymizing IP addresses provides adequate consideration of the user’s interest in protecting personal data.

Custom settings regarding Matomo tracking

2.6. Conversion tracking and event tracking

Description and scope of processing

We use a service known as ad conversion tracking. If you reach our website through an ad provided by Google Ads, Microsoft Ads (formerly Bing Ads) or LinkedIn Ads, cookies will be saved on your end device by Google, Microsoft or LinkedIn.

We and the specific ad platform can identify in this way that someone clicked on an ad, was forwarded to our website and reached a previously defined target page (conversion page). In this context, we only learn the total number of users who clicked on an ad.

For event tracking, cookies and related technologies are used to collect additional information about the use of this website. This includes which search terms and ads led you to our website, the duration of the website visit and which areas of the website were accessed or conversions/events. IP addresses are truncated or hashed (if they are used to address users across multiple devices). We receive this data in the form of statistics without reference to individuals. The providers of these services, however, may be able to attribute the data to an IP address or other user ID.

In particular if you are logged in to the specific providers with a user account, your user behavior can be attributed to that user account and tracked even across more than one of your end devices.

Please note that the services we use may also transfer data into a country that does not offer an adequate level of data protection. In the case of transferring personal data to third states, we have concluded standard contractual clauses, additionally Google and Microsoft are certified in accordance with the EU-US Data Privacy Framework and data transfer to the USA is subject to an adequacy resolution of the EU Commission.

You can find more information about the specific provider in the following links. There you can also find links which allow you to set whether you would like to be shown personalized or interest-based ads on the specific platforms and services:

Google Ireland Ltd (Gordon House, Barrow Street, Dublin 4, Ireland)
Google’s Privacy Policy: https://policies.google.com/privacy?hl=de
Google Cookie-Policy: https://policies.google.com/technologies/cookies?hl=de
Google Ad Settings: https://adssettings.google.com/

LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Irland)
LinkedIn Privacy Policy: https://www.linkedin.com/legal/privacy-policy
LinkedIn Cookie- Policy: https://www.linkedin.com/legal/cookie_policy
LinkedIn Ad Settings: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
LinkedIn EUStandard Contractual Clauses: https://www.linkedin.com/legal/l/eu-sccs

Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland)
Microsoft Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement
Microsoft Retargeting Guidelines: https://about.ads.microsoft.com/de-de/ressourcen/richtlinien/richtlinien-fuer-remarketing-in-bezahlter-suche
Microsoft Ad Settings: https://account.microsoft.com/privacy/ad-settings/

Purpose and legal basis of processing

The purpose of data processing is to measure the reach and success of our advertising and marketing initiatives. This allows us to optimize them and make them more cost-effective.

We only use these functionalities if you have granted your consent to us via the CMT in accordance with Section 25 (1) TDDDG and Art. 6 (1)(a) GDPR. You have the option of revoking your consent by changing your cookie settings in the CMT.

Duration of storage

The duration of storage depends on the type and purpose of the cookie. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (known as session cookies). Other cookies remain on your {1][2}computer and enable us to identify your computer the next time you visit (known as permanent cookies). Permanent cookies have a validity period from 3 to 13 months.

You can see the cookie life time in the detailed view of the Consent – Management Tools.

Apart from revoking them via CMT, you already have the option of deleting cookies yourself or automatically using your browser settings.

3. Information about online marketing and social media

3.1. Online marketing (Google Ads, Display & Video 360, Campaign 360)

Description and scope of processing

In the context of marketing campaigns and to display our advertisements in the display network, we use services from the Google Marketing platform. These services also use cookies and related technologies. In particular, a cookie is placed that contains a randomly generated user ID which makes it possible to recognize the user across different websites within the display network, Google search and other Google services (e.g. Gmail, YouTube) across various domains. This is known as 3rd party tracking. The user behavior on our website and interactions with advertisements (see Google Analytics 4 and Google Ads Conversion) are attributed to this user ID. Between Google DV360, Google Campaign, Google Ads and Google Analytics there is a technical connection. As a result, previously collected data can flow between the tools.

Apart from activities on our website, Google also processes information concerning your usage behavior in the Google ad network and provides this to us. During data collection, the following types of personal data may be used:

Online identifiers (including cookie IDs)
IP addresses and device identifiers
Location data
Identifiers assigned by us

If we manage our ad campaigns using these services, Google is the contract processor. Furthermore, Google collects and uses personal data as an independent Controller within the advertising network. In this context, user or interest profiles may be compiled. We would like to inform you that for users who are registered with Google and have logged into an account, Google is able to link their visit to this website with the registered data. Google will use this data to enable other advertisers to display targeted advertising for users who match these profiles. The user ID generated to identify advertising is unique for each advertiser, however, which means that no personal data can be forwarded to third parties in this context.

Insofar as Google also processes data outside the EU/EEA, this data transfer occurs on the basis of the EU standard contractual clauses and certification under the adequacy resolution EU-US Data Privacy Framework (see above Google Analytics 4).

You can find more information about the processing of personal data and the use of cookies in connection with Google Marketing products at: https://policies.google.com/technologies/partner-sites

Purpose and legal basis of data processing

The purpose of data processing is to optimize and personalize our ads in order to display relevant ads to users and prevent a user from seeing the same ads repeatedly. To this end, online marketing methods are employed which position the ads automatically and in real time (real time bidding) on websites or apps in order to address the right target group specifically (programmatic advertising). In addition, with the employed tools we are able to measure the effectiveness of our advertising initiatives and manage them better.

Google Ads Remarketing is a remarketing or retargeting service. This service analyzes the user’s interactions on our website, in particular which services the user showed interest in, in order to display targeted ads on other pages even after visiting our website. For this purpose, Google saves and reads marketing cookies in the browsers of users who visit specific Google services or websites in the Google Display network. This cookie records this user’s visits.

The Google Campaign Manager tool is used to place ads that are relevant for users in order to improve campaign performance reports or prevent a user from seeing the same ads repeatedly.

With Google Display & Video 360 (DV360), data is processed regarding your behavior on our websites for marketing processes and to deliver personalized advertising messages. In addition, we learn more about advertising target groups from the data collected on our website as well as data concerning third-party providers and Google, and we can generate combined target groups from different data sets. With DV360 we can also trace where and how our ads were displayed. We process this data to form user groups with comparable behaviors, to generate marketing lists and to display user-based advertising.

The required cookies and related technologies for this purpose are only used on our website and the associated processing of your personal data only occurs if you have granted us your consent in the cookie settings. The legal basis is Section 25 (1) TDDDG and Art. 6 (1)(a) GDPR.

You also have the option to object and adjust the display of personalized marketing through Google’s ad settings here or to restrict them using the deactivation page of the Network Advertising Initiative.

Duration of storage

Cookies that save interactions such as website visits have a validity of 90 days as a rule. Advertising cookies (NID, IDE, ANID) that control and measure the display of ads have a validity of 13 months.

Apart from revoking them via the Consent Management Tool, you already have the option of deleting cookies yourself or automatically using your browser settings.

3.2. Online marketing (Meta and LinkedIn)

Description and scope of processing

In the area of online marketing, we work together with the following providers: Meta and LinkedIn. These activities particularly include marketing ad spaces or displaying advertising content and other content based on the potential interests of users, as well as measuring the effectiveness of such activities. For this purpose, we use the following services:

Meta-Pixel

Purpose and legal basis of processing

For the purpose of conversion tracking, we use the Meta Pixel on our website from the provider Meta Platforms Ireland Limited, Block J, Serpentine Avenue, Dublin 4, Ireland (hereinafter referred to as “Meta”).

The Meta Pixel is a JavaScript code excerpt that allows us and Meta to understand and trace the activities of users on our website. The Meta Pixel is activated as soon as users activate specific contents on our website (known as event data).

As the operator of the website, we are unable to draw any conclusions about the identity of users. However, it is possible that Facebook will establish a connection to the specific user profile on Facebook and use the data for its own purposes. We are unable to influence this use.

Legal basis: The use of the Meta Pixel occurs on the basis of your consent in accordance with Art. 6 (1)(a) GDPR.

The recipient is Meta Platforms Ireland Limited.

In order to process personal information for the purpose of providing analysis and campaign reports, Meta acts on our behalf as a contract processor in accordance with Art. 28 GDPR.

Furthermore information about how Meta processes personal data can be found in Meta’s Privacy Policy, accessible at:
https://de-de.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0.

LinkedIn Insight-Tag

Purpose and legal basis of processing

For the purpose of conversion tracking and retargeting, we use the LinkedIn Insight Tag from the provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

The LinkedIn Insight Tag is a JavaScript code excerpt that allows us to understand and trace the activities of users on our website. The LinkedIn Insight Tag triggers the placement of tracking cookies and makes it possible to collect the following data: URL, referrer URL, IP address (truncated or hashed), device and browser properties (user agent) as well as time stamp.

LinkedIn does not share any personal data with us, but instead only offers reports and notifications about the demographics of our website target group and the performance of our ads. In this context, we receive information about criteria such as the industry, job description, company size, career level and location.

If you are a LinkedIn member, you will be shown targeted ads as part of retargeting based on the data collected by LinkedIn.

Legal basis: The use of the LinkedIn Insight Tag occurs on the basis of your consent in accordance with Art. 6 (1)(a) GDPR.

Duration of storage

Duration of storage: The direct identification of members is removed by LinkedIn within seven days in order to pseudonymize the data. The remaining pseudonymized data is then erased within 180 days.

Recipient:

LinkedIn Ireland Unlimited Company, Ireland
LinkedIn Corporation and other affiliated companies of LinkedIn, USA (certified under the Data Privacy Framework)

LinkedIn acts on our behalf as a contract processor in accordance with Art. 28 GDPR.

You can find more information about how LinkedIn processes your data at:
https://www.linkedin.com/legal/privacy-policy?src=li-other&veh=www.linkedin.com and https://www.linkedin.com/help/lms/answer/a427661/linkedin-insight-tag-haufig-gestellte-fragen?lang=de.

You can change the settings for displayed advertisements here: https://www.linkedin.com/mypreferences/d/categories/ads

You can deactivate LinkedIn Retargeting here:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Leadgenerierung on LinkedIn (Lead Gen Forms)

Description and scope of processing

We use the Lead Gen Forms service from the provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. If you click on our LinkedIn company page or the form embedded in our ad campaign, the data stored in your LinkedIn profile will be auto-filled. In the next step, you can decide whether you would like to submit this form to us.

Purpose and legal basis of processing

We use these forms for the purpose of recruiting. When you submit a form, we process the following data as a rule:

Personal information and contact data: First and last name, email address, URL of LinkedIn profile, phone number, city, country/region
Professional data: Qualification (training, degrees), employer (company name, size, industry) and profession (name of profession, areas of activity, career level)

Legal basis: The processing of personal data from the Lead Gen Forms occurs on the basis of your consent in accordance with Art. 6 (1)(a) GDPR.

Recipient:

LinkedIn Ireland Unlimited Company, Ireland
LinkedIn Corporation and other affiliated companies of LinkedIn, USA (certified under the Data Privacy Framework)

3.3. Social media

Description and scope of processing

We support communication on social media and provide corresponding social media links on our website (YouTube, Meta, Xing, LinkedIn).

Zweck und Rechtsgrundlage der Verarbeitung

Purpose and legal basis of processing

We operate these pages as communication and informational channels to offer information about our services. The legal basis for data processing is Art. 6 (1)(f) GDPR.

If you visit our social media pages, no personal data will initially be forwarded to the social media provider as a rule. You can recognize the social media provider from the text in the box above its first letter or by the logo. We allow you to access the provider’s website via the stored link. If you access those websites, you will leave our website and your data will processed by those providers according to their data protection regulations. You can find more information about the purpose and scope of data collection and its processing by the specific social media providers in the privacy policies published on their websites. These privacy policies also provide further information about your rights and configuration options for the protection of your privacy.

When you visit our social media pages, the relevant provider will save your IP address along with other information that is available on your PC in the form of cookies. This information is used to provide us, as operator of the specific social media pages, with statistical information about the use of the pages. The generated visitor statistics are exclusively transmitted to us by the provider in anonymized form. We use this statistical data to make our posts and activities on our social media pages more attractive for users. The data collected about you in this context is processed by the specific social media provider and may be transferred to countries outside the European Union. Please refer to the Privacy Policy of the relevant provider.

If you communicate with us via social media, we also process your personal data. In this regard, we are joint controllers along with the specific social media provider for the collection of data concerning visitors to our specific social media page.

4. Information about ordering publications

Description and scope of processing

When you order our company publications either by filling out the online form or by sending an e-mail, the personal data you provide (name, address, other contact details, publications ordered) is processed within the framework of our corporate communications in order to send you information about the BAUER Group, especially about the Group’s products, services and events.

Purpose and legal basis of processing

This processing is conducted either on the basis of an order received from you in accordance with Article 6 (1) Sentence 1 (b) GDPR or insofar as you have consented to the processing of personal data in accordance with Article 6 (1) Sentence 1 (a) GDPR. If consent is not required, processing occurs on the basis of our legitimate interest in direct marketing, if and insofar as this is legally permitted, for example advertising to existing customers.

Within our company, access to your personal data will only be granted to those parties who require the data in order to send company publications. These include recipients in the following categories: shipping service providers, IT services, logistics, telecommunications and processors. Transfer of data to locations in countries outside the EU or the EEA (third countries) takes place only if your delivery address is located in a third country.

Duration of storage

We only store your data for as long as this is necessary in order to provide our services to you. After this period, the data will be erased unless other statutory obligations require further retention of the data, in particular retention periods under trade law and tax law (up to 10 years) or if the controller has a legitimate interest in this regard. You can withdraw your order or your consent to the receipt of publications at any time and cancel your subscription by sending an e-mail to public.relations@bauer.de.

5. Information about integration of additional services

5.1. Embedded YouTube videos

General

For the provision of videos, we use the “YouTube” video platform of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”). Due to the embedding of YouTube videos, according to Google, your IP address will be transferred to Google and cookies may be set by Google.

If you are logged in to your Google account at the same time, Google can attribute the data to your member account.

If you do not wish this to occur, log out of your Google account before visiting our website. The videos are embedded in “privacy-enhanced mode,” which means that no data about you as a user is transferred to YouTube if you are not playing videos.

Personal data is not transferred until you play the videos (e.g. IP address, data and time of access as well as information about the specific page you visited on your website and the video you played). In addition, a connection is established with Google’s advertising network. If you are logged in to YouTube at the same time, Google can attribute your video view on our website to your YouTube account and use this information for the purpose of personalized marketing. If you do not want this to occur, you need to log out of your YouTube account before activating the YouTube plugin.

Apart from this, we have no influence on the transfer of data to YouTube.

For more information on the purpose and scope of data collection and processing by YouTube, please refer to YouTube's Privacy Policy. This privacy policy also provides further information about your rights and configuration options for the protection of your privacy: http://www.google.de/intl/de/policies/privacy.

To revoke your consent to the use of cookies on our website, follow the link for technically non-essential cookies under the “Cookies” section of this Privacy Policy and uncheck the box for the relevant cookies.

When you visit the website, YouTube is informed that you have opened the corresponding page on our website. In addition, the personal data that your browser sends to our server is forwarded to YouTube. This happens regardless of whether you are logged into a user account provided by YouTube or if you do not have a user account.

YouTube stores your data as usage profiles and uses this for the purposes of advertising, market research and/or targeted website design. This analysis, which also applies to anonymous users, is primarily used for placing custom ads and informing other users on the social network about your activities on our website. You have the right to object to the creation of these user profiles, but you must contact YouTube to exercise this right.

The legal basis for embedding YouTube videos on our website and the associated processing of personal data is your consent in accordance with Art. 6 (1)(a) GDPR.

5.2. Embedded Google Maps

Description and scope of processing

We use Google Maps on this website. This enables us to display interactive maps directly on the website and allows you to easily use the map feature.

The map service is not loaded until you have agreed to cookies for marketing purposes in the cookie banner or until you have given your consent on the specific page where the map service is provided.

Purpose and legal basis of processing

The legal basis here is Article 6 (1) Sentence 1 (a) GDPR. The content is not loaded for website visitors until consent has been given; accordingly, Google will be informed that you have accessed this specific page of our website.

In addition, the personal data that your browser sends to our server is forwarded to Google. This happens regardless of whether you are logged into a user account provided by Google or if you do not have a user account. If you are logged in to Google, your data is attributed directly to your account.

If you do not want your data to be attributed to your profile on Google, you need to log out before activating the button. Google stores your data as usage profiles and uses this for the purposes of advertising, market research and/or targeted website design. This analysis, which also applies to anonymous users, is primarily used for placing custom ads and informing other users on the social network about your activities on our website.

You have the right to object to the creation of these user profiles, but you must contact Google to exercise this right. For more information about the purpose and scope of data collection and processing by the plug-in provider, please refer to the provider's privacy policies.

These privacy policies also provide further information about your rights and settings options for the protection of your privacy: http://www.google.de/intl/de/policies/privacy.

To revoke your consent to the use of the map service on our website, follow the link for technically non-essential cookies under the “Cookies” section of this Privacy Policy and uncheck the box for marketing applications with future effect.

6. Data security information

We adopt technical and organizational security measures to protect your data against unauthorized access.

In addition to securing the operating environment, we use encryption in some areas (online application, customer account, contact form).

The information you provide is then transmitted in encrypted form using the Secure Socket Layer (SSL) protocol to prevent misuse of your data by third parties. You can tell that a page is secure if the status bar of your browser has a closed padlock icon and the address line begins with “https.”

7. Information about changes to the Privacy Policy

The Controller reserves the right to amend this Privacy Policy and will announce any changes here.