Find what you are looking for
Data-
Protection

Welcome to this website. The protection of personal data is very important to us. Therefore, we inform you about the processing of personal data and all data subject rights in connection with the use of this website. If you have any questions about data protection or the processing of personal data, you can find imprint the contact details of the responsible person or body. We have concluded a contract for order processing with the providers named below and fully implement the strict requirements of the German data protection authorities when using our services.

Summary: We take data protection very seriously and adhere to the principle of data economy at all levels. All internal and external technical processes, server-client communication, and backups of this website are encrypted. All additional components and plugins used on this website are selected with great care. Additional plugins are regularly subject to rigorous auditing. For the service providers we commission for external data processing, such as storing backups, creating invoices, etc., we use only reputable, fully GDPR-compliant providers whose security has been verifiably tested regularly, preferably from the European Economic Area.

Data processing

This website can be used without providing any personal data. If personal data (such as names or email addresses) is collected on our website, this is done on a voluntary basis unless it is absolutely necessary to provide a service. As a general rule, all collected data will not be passed on to third parties without your express consent.

As a responsible company, we have taken numerous technical, conceptual, and organizational measures to ensure the most comprehensive protection possible for the data collected and processed via this website. As a responsible company, we consciously refrain from automated decision-making or profiling.

The responsible body within the meaning of the General Data Protection Regulation, the data protection laws of the Member States of the European Union and other provisions of a data protection nature is also clearly defined and valid.

scope

This privacy policy applies to all personal data processed on this website and connected systems, as well as to all personal data processed by companies commissioned by us (processors). In addition, we have concluded a data processing agreement (DPA) with all processors. Personal data refers to information within the meaning of Art. 4 No. 1 GDPR, such as names, email addresses, IP addresses, and postal addresses of individuals. The processing of personal data enables us to offer and bill our services and products, whether online or offline. The scope of this privacy policy extends to the following services. The services actually used may vary over time:

  • Our online presence: websites or online shops
  • Customer communication via email or messenger
  • Social media presence
  • Newsletters or other mailings
  • Apps for mobile devices
  • Online billing systems
  • Encrypted backups in cloud storage services

Legal basis

We process your data exclusively on the basis of the following legal bases

  • Legitimate interests (Article 6 (1) (f) GDPR): If legitimate interests require it, the processing of data is possible without active consent, e.g. to deliver the website to your computer.
  • Consent (Article 6 paragraph 1 letter a GDPR): Your consent enables us to process data for a specific purpose, e.g. when entering forms.
  • Contract (Article 6 paragraph 1 letter b GDPR): In order to fulfill a contract or pre-contractual obligations with you, we may also process your data, e.g. for invoicing.
  • Legal obligation (Article 6 paragraph 1 letter c GDPR): We also process your data if we have to fulfill a legal requirement, e.g. the legal obligation to retain invoices.

Rights of data subjects according to GDPR

You have the right to information, rectification, erasure, restriction of processing, data portability, and objection. Further information on the GDPR: https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679.

  • Right to information (Article 15 GDPR): You have the right to know whether we process your data. If so, you have the right to receive a copy of the data as well as information about the purpose of processing, the categories of data processed, the recipients (including any transfers to third countries), the storage period, your right to rectification, erasure, restriction of processing and objection, the right to lodge a complaint with a supervisory authority (link to the authority below), the origin of the data (if not collected from you), and the possible implementation of profiling.
  • Right to rectification (Article 16 GDPR): You have the right to have inaccurate data corrected.
  • Right to erasure (Article 17 GDPR – “right to be forgotten”): You can request that your data be deleted.
  • Right to restriction of processing (Article 18 GDPR): Under certain circumstances, we may only store your data but not further process it.
  • Right to data portability (Article 20 GDPR): Upon request, we will provide you with your data in a common format.
  • Right of objection (Article 21 GDPR): You may object to processing based on public interest or legitimate interest. We will consider whether we can comply with your objection.
  • Right to object to direct marketing and profiling: You can object to the use of your data for direct advertising or profiling at any time.
  • Automated decisions (Article 22 GDPR): Under certain circumstances, you have the right not to be subject to measures based solely on automated decisions.
  • Right to lodge a complaint (Article 77 GDPR): You have the right to complain to the data protection authority if you believe that the processing of your data violates the GDPR.

To exercise these rights, please contact us. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to lodge a complaint with the relevant supervisory authority (the Data Protection Authority).

Data transfer to the USA

Our website includes tools from companies based in the USA. When these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obligated to disclose personal data to security authorities without you, as the data subject, being able to take legal action. It cannot therefore be ruled out that US authorities (e.g., intelligence agencies) may process, evaluate, and permanently store your data on US servers for surveillance purposes. We have no influence over these processing activities.

Storage period

The data processed during your use of our website will be deleted as soon as the purpose for which it was stored no longer applies. This occurs on the condition that there are no legal retention obligations that prevent deletion and no deviating information regarding specific processing methods is available. In some cases, we are legally obligated to retain certain data even after the original purpose no longer applies, for example, due to tax law requirements.

Revocation of your consent to data processing

Many data processing operations are only possible with the express consent of the data subjects. You can revoke your consent at any time. The legality of the data processing carried out up to the time of revocation remains unaffected.

Cookies

Our website uses cookies. Cookies are small text files that are stored on your computer and saved by your browser. We use cookies to make our website easier to use and to perform statistical evaluations. You can prevent cookies from being saved by setting your browser software accordingly. For more information about the cookies used, their purpose, and the storage period, please refer to the Cookie Policy.

Web hosting

To display a website, the browser on the visitor's computer must connect to a web server and retrieve the website code. Operating a web server is a complex and time-consuming task. We therefore rely on professional providers and server systems that are operated with high performance, redundancy, security, and reliability. During data transfer from the web server to your local network and ultimately to your browser, personal data may be processed. On the one hand, your computer stores the received data, and on the other hand, the web server must also store your data in order to send it to you. Below, we provide information about the type and scope of the stored data, as well as the protective measures we have taken.

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include, in particular, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses, and other data generated via a website. The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of a secure, fast, and efficient provision of our online offering by a professional provider (Art. 6 (1) (f) GDPR). Our hoster will only process your data to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.

Server log files

Each time you access our website, information is automatically collected by the web hosting provider and stored in so-called server log files. This information includes:

  • IP address
  • Date and time of access
  • Name of the page accessed
  • Referrer URL (the previously visited page)
  • Amount of data transferred
  • Browser type and version
  • Operating system

The processing of this data is technically necessary so that we can deliver the site to you; it is therefore carried out out of legitimate interest in accordance with Art. 6 (1) (f) GDPR. The data is used exclusively for statistical evaluations and to improve the website. IP addresses are stored for 30 days in a so-called log rotation and then deleted.

SSL encryption

We use SSL certificates for secure technical communication between the client and the website. This is especially necessary when transmitting confidential data, such as form entries. SSL or TLS encryption is therefore used on this site. An encrypted connection is easily recognizable by the fact that the browser's address bar displays "https://"; a colored lock symbol is usually also displayed in the browser's address bar. By using SSL or TLS encryption, the data you transmit cannot be read by third parties.

Core services

The legal basis for the processing is our legitimate interest in the effective handling of your request pursuant to Art. 6 para. 1 lit. f GDPR.

Content management system (WordPress)

Our website is based on the open source content management system WordPress. The system is installed locally on our servers. No data processing of the WordPress core services takes place outside of the secure server environment. If you have a login and log in to the site, WordPress processes personal data such as your email address or your name for authentication. WordPress uses cookies to ensure the functionality of the website. Further information can be found in the WordPress privacy policy and in our Cookie Policy.

Comment function (WordPress)

Posts on this website can be commented on by visitors. When a comment is written, it is stored indefinitely, including other metadata. This allows us to recognize discussions and moderate comments automatically. For example, a follow-up comment is automatically approved if a comment from an author has already been approved. Authors are identified by their email address. The criterion for the duration of storage of further personal data is the respective statutory retention period. After expiry of this period, the corresponding data is routinely deleted unless it is no longer required to fulfill or initiate a contract. The comments made in our blog can in principle also be subscribed to by third parties. In particular, it is possible for a commentator to subscribe to the comments on a specific blog post that follow their comment. If a data subject chooses to subscribe to comments, the controller will send an automatic confirmation email to use the double opt-in procedure to verify whether the owner of the specified email address has actually chosen this option. The option to subscribe to comments can be canceled at any time.

Registration function (WordPress)

We offer you the opportunity to register on our website. The data entered during registration, which can be seen in the input mask of the registration form, is collected and stored exclusively for the use of our service. When you register on our website, we will also save your IP address and the date and time of your registration. This serves as a safeguard on our part in the event that a third party misuses your data and registers on our website using this data without your knowledge. Your data will not be passed on to third parties. The data collected in this way will also not be compared with data that may be collected by other components of our website.

For users who register on our website, we also store the personal information they provide in their user profiles. All users can view, change, or delete their personal information at any time (the username cannot be changed). Website administrators can also view and change this information.

The controller will provide each data subject with information about which personal data about them is stored at any time upon request. Furthermore, the controller will correct or delete personal data at the request or notification of the data subject, provided this is not contrary to statutory retention periods. Exporting the technically stored data is possible at any time and can be requested via email. The data subject's email address serves as the identification feature. For the purposes of legitimacy, this address must also match the sender's address of the requester.

Server Management Plesk

We use the Plesk web server management software to administer our server services. This is a server administration system. The EU Commission has determined, through an adequacy decision pursuant to Art. 45 GDPR, that Switzerland, as a third country, provides an adequate level of data protection compared to the usual scope of the GDPR. You can find the corresponding decision here. here

Tracking

We use web analytics software on our website that anonymously logs and evaluates actions such as clicks or entries made by visitors to our website. We use these services to improve the performance of our offering. The respective system collects and processes anonymized data and provides us with analyses of user behavior. The tools also offer testing options, such as A/B testing, in which two versions of content are tested to determine which version leads to more acquisitions. In such tests or other analyses, anonymous user profiles may also be created and data stored in cookies.

Matomo

We use Matomo for anonymous visitor tracking. The use of web analytics requires your consent, which we have obtained through our cookie compliance system. According to Article 6(1)(a) of the GDPR, this consent constitutes the legal basis for the processing of personal data, such as that which may occur when collected by web analytics tools.

With the help of web analysis systems, we can identify which content has been accessed and how often, how long visitors stay on the site, which device they use to access the website, and where they are geographically from. These statistics help us improve the efficiency of our services. The legal basis for this is Art. 6 (1) (f) GDPR (legitimate interests). We make every effort not to use cookies for this purpose. For further information, please refer to our Cookie Policy.

  • Data processing: Local
  • Provider: InnoCraft Ltd, 7 Waterloo Quay PO625, 6140 Wellington, New Zealand
  • Matomo Privacy Policy
  • Cookies: See Cookie Policy
  • Legal basis: Legitimate interest in the technical validation of the website and communication with our customers (Art. 6 para. 1 lit. f GDPR).

Plugins

Backup (WPVivid)

We use the WPVivid plugin to secure this website. The backups are stored encrypted.

  • Data processing: Local
  • Provider: WPVivid Team
  • WPVivid Privacy Policy
  • Cookies: No cookies are set.
  • Legal basis: Legitimate interest in the security of the website (Art. 6 para. 1 lit. f GDPR).

Contact form (Forminator)

We use Forminator, a form system for securely capturing user inquiries, on our website. If you send us data via a contact form, your details from the inquiry form, including the contact information you provided there, will be saved for the purpose of processing your inquiry and in case of follow-up questions. We will not share this data without your consent. The data will be automatically deleted after 30 days. If you use the "Continue Later" function in one of our forms, the form entries you have entered so far will be saved locally in a cookie.

Spam protection (hCaptcha)

We use hCaptcha on our website to protect ourselves from spam submissions. The provider is the American company Intuition Machines, Inc. hCaptcha processes your data, including in the USA.

  • Data processing: External
  • Provider: Intuition Machines Inc., 350 Alabama St, San Francisco, CA 94110, USA
  • Privacy policy hCaptcha
  • Cookies: See Cookie Policy
  • Legal basis: Legitimate interest in the security of our website (Art. 6 para. 1 lit. f GDPR).
This data record was last checked on: May 22, 2026
Back to top
Back to Product Overview
Back to top
Back to Product Overview
An den Anfang scrollen