Data Protection Information

(Last updated October 21, 2020)

Part 1

Information in data protection related to our processing under articles 13, 14 and 21 general data protection regulation (GDPR)

We take data protection very seriously and inform you herein how we process your data and what claims and rights you are entitled to under data protection regulations.

1. Data Controller and contact details

Data Controller:

Heuking Kühn Lüer Wojtek PartGmbB
Georg-Glock-Strasse 4
D-40474 Düsseldorf, Germany

Contact details of our Data Protection Officer (also Data Protection Officer of all notaries working in the law firm):

Heuking Kühn Lüer Wojtek PartGmbB
Data Protection Officer Mr. Harald Eul
(HEC Harald Eul Consulting GmbH)
Georg-Glock-Strasse 4
D-40474 Düsseldorf, Germany
Email: dsb(at)heuking.de

    2. Purposes and legal basis upon which we process your data

    We process personal data in accordance with the stipulations of the General Data Protection Regula-tion (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG), and other applicable data protection provisions (details are provided below). The details on which data are processed and how they are used largely depend on the services requested or agreed in each case. If you retain our law firm, we will collect  the following information in particular:

    • contact person (title, first name, last name),
    • email address(es),
    • street address,
    • phone number (landline and/or mobile),
    • user data (websites accessed, interest in contents, access times)
    • meta/communication data (e.g., device information, IP addresses)
    • information necessary for asserting and defending your rights as part of retaining our law firm.

    Further details or additions to the purposes of data processing can be found in the respective contract documents, in forms, in a declaration of consent and/or other information provided to you (e.g., in the context of the use of our website or in our terms and conditions).

    This Data Protection Information may be updated from time to time and is available on our website www.heuking.de/en/data-protection.html.

    2.1 Purposes necessary for performance of a contract or precontractual measures (Art. 6(1)(b) GDPR)

    The processing of personal data is performed at your request for the performance of our contracts with you and for the performance of your orders, as well as for the performance of measures and activities within the scope of precontractual relationships, e.g., with interested parties. The collection of these data is performed mainly

    • in order to be able to identify you as a client,
    • in order to be able to provide you with legal advice and represent you in an appropriate manner,
    • for correspondence with you,
    • for accounting purposes,
    • for processing of any liability claims that exist, as well as the assertion of any claims against you,
    • for measures for the control and optimization of business processes,
    • for the traceability of transactions, orders, and other agreements,
    • to guarantee IT security (including system or plausibility tests),
    • for emergency management,
    • to fulfill the general duties of care,
    • to safeguard and enforce domestic authority (e.g., by means of access controls),
    • for cost recording and controlling, as well as for reporting.

    2.2 Purposes within the framework of your consent (Art. 6(1)(a) GDPR)

    Your personal data may also be processed for certain purposes (e.g., use of company communication systems for private purposes; photographs/videos of you for publication in the Intranet/Internet) includ-ing as a result of your consent. As a rule, you may revoke this consent at any time. This also applies to the revoking of declarations of consent that were issued to us before the GDPR went into effect, i.e., prior to May 25, 2018. You will be informed sepa-rately about the consequences of revocation or refusal to provide consent in the respective text of the consent.
    Generally, revocation of consent only applies to the future. Processing carried out prior to consent be-ing issued is not affected and remains lawful.

    2.3 Purposes within the framework of a legitimate interest on our part or of third parties (Art. 6(1)(f) GDPR)

    Beyond the actual fulfilment of the (pre-)agreement, we process your data whenever this is necessary to protect legitimate interests of our own or of third parties, in particular for the following purposes:

    • advertising or market and opinion research, unless you have  objected to the use of your data;
    • sending newsletters with information on current legal topics and events organized by the law firm;
    • obtaining information and exchanging data with credit agencies where this goes beyond our economic risk;
    • the checking and optimization of processes for requirements analysis;
    • the further development of services and products as well as existing systems and processes;
    • the disclosure of personal data within the framework of due diligence in the course of company sale negotiations;
    • for comparison with European and international anti-terror lists, insofar as this goes beyond the legal obligations;
    • the enrichment of our data, e.g., by using or researching publicly accessible data;
    • statistical evaluations or market analysis;
    • benchmarking;
    • the assertion of legal claims and defense in legal disputes which are not directly attributable to the contractual relationship;
    • the restricted processing of data, if erasure is not possible or only possible with disproportionately high effort due to the particular type of storage;
    • the development of scoring systems or automated decision-making processes;
    • the prevention and investigation of criminal offences, if not exclusively for the fulfilment of legal requirements;
    • building and plant security (e.g., by means of access control and video surveillance), insofar as this goes beyond the general duties of care;
    • internal and external investigations, safety reviews;
    • any monitoring or recording of telephone conversations for quality control and training purposes;
    • obtaining and maintenance of certifications of a private-law or official government nature;
    • the safeguarding and exercise of domestic authority by means of appropriate measures as well as video surveillance for the protection of our customers and employees as well as for securing evidence in the event of criminal offences and their prevention.

    2.4 Purposes necessary for compliance with a legal obligation (Art. 6(1)(c) GDPR) or for the performance of a task carried out in the public interest (Art. 6(1)(e) GDPR)

    Like all players in business life, we are also subject to a large number of legal obligations. These are primarily statutory requirements (e.g., commercial and tax laws), but also if applicable supervisory law or other requirements set out by government authorities. The purposes of processing may also include identity and age checks, prevention of fraud and money laundering (e.g., comparisons with European and international anti-terror lists), compliance with control and notification obligations under tax law as well as the archiving of data for the purposes of data protection and data security as well as for purposes of audits by tax advisors/auditors, fiscal and other government authorities. In addition, it may be necessary to disclose personal data within the framework of official government/court measures for the purposes of collecting evidence, law enforcement and criminal prosecution or the satisfaction of civil law claims.

      3. The categories of data that we process if we do not receive data directly from you, and their origin

      If necessary for the contractual relationship with you and the activities performed by you, we may process data which we lawfully receive from other offices or other third parties (e.g., credit agencies, publishers of address databases, journalist databases). In addition, we process personal data that we have lawfully collected, received or acquired from publicly accessible sources (such as commercial registers and association registers, civil registers, the press, Internet and other media) if such is necessary and we are allowed to process these data in accordance with statutory provisions.

      Relevant personal data categories may be, in particular:

      • personal data (name, date of birth, place of birth, nationality, marital status, occupation/trade and comparable data),
      • contact data (address, e-mail address, telephone number and similar data)
      • address data (population register data and comparable data)
      • payment confirmation/confirmation of cover for bank and credit cards
      • information about your financial situation (creditworthiness data including scoring, i.e., data for assessing the economic risk)
      • customer history
      • data on your use of the telemedia offered by us (e.g., time of access to our websites, apps or newsletters, clicked pages/links of us or entries and comparable data)
      • metadata/communication data (e.g., device information, IP addresses),
      • video data

      4. Recipients or categories of recipients of your data

      Your personal data will only be transferred to third parties if

      • you have given us consent to transmit data to third parties,
      • this is necessary in accordance with Art. 6(1)(b) GDPR for the processing of client relationships with you (this includes in particular passing it on to the opposing party in proceedings and their representatives, in particular their attorneys, as well as courts and other public authorities for the purposes of correspondence, marketing measures, as well as for the asserting and defending of their rights),
      • for purposes where we are obligated or entitled to give information, notification or to forward data,
      • to the extent that external service providers commissioned by us process data as order processors or parties that assume certain functions (e.g., external data centers, support and maintenance of IT applications, archiving, document processing, call center services, compliance services, controlling, data screening for anti-money laundering purposes, data validation and data protection. plausibility check, data destruction, purchasing/procurement, customer administration, letter shops, marketing, media technology, research, risk controlling, billing, telephony, website management, auditing services, banks, printing plants or companies for data disposal, courier services, logistics, press relations work).

      We will moreover refrain from transmitting your data to third parties if we have not informed you of such separately. If we commission service providers within the framework of processing an order, your data will be subject there to the security standards stipulated by us in order to adequately protect your data. In all other cases, recipients may only use the data for purposes for which the data have been sent to them.

      Attorney-client privilege will remain unaffected. With regard to data that are subject to attorney-client privilege, the information will only be passed on with your agreement.

      Within our firm, the internal departments and organizational units who need your data in order to fulfill our contractual and legal obligations, or within the framework of processing and implementation of our justified interest, will receive your data.

        5. Duration of data storage

        We process and store your data for the duration of our business relationship. This also includes the initiation of a contract (precontractual legal relationship) and the execution of a contract.

        The personal data that we record for the clients will be stored until the end of the legal storage period for lawyers (6 years after the end of the calendar year in which you ceased being a client) and erased, unless we are obligated to store the data for longer in accordance with Art. 6(1)(c) GDPR as a result of storage and documentation obligations under tax and commercial law (under the German Commercial Code, Penal Code, or Tax Code), or if you have given your consent to longer storage in accordance with Art. 6(1)(a) GDPR.

        Furthermore, special statutory provisions may require longer retention such as the preservation of evidence in connection with statutory time-barring provisions (statute of limitations). Under Sections 195 et seq. German Civil Code (BGB), the regular time-barring period is three years, but time-barring periods of up to 30 years may also be applicable.

        If the data are no longer required to meet contractual or statutory obligations and rights, data will be routinely erased unless its further processing - for a limited period - is necessary to fulfil the purposes listed under item no. 2.2 due to an overriding legitimate interest. Such an overriding legitimate interest is deemed to be the case, for example, if it is not possible to erase the data as a result of the particular type of storage, if such is only possible at a disproportionately great expense, and processing for other purposes is excluded by appropriate technical and organizational measures.

          6. Processing of your data in a third country or through an international organization

          Data are transmitted to offices in countries outside the European Economic Area EU/EEA (third countries) whenever such is necessary to meet a contractual obligation towards you (e.g., if you are posted to another country), if such is required by law (e.g., notification obligations under tax law), if such is in the legitimate interest of us or a third party, or you have issued us with your consent to such.

          At the same time, your data may be processed in a third country, including in connection with the involvement of service providers within the framework of the processing of the order. If no decision has been issued by the EU Commission regarding the presence of an appropriate level of data protection for the respective country, we warrant that your rights and freedoms will be reasonably protected and guarantied in accordance with EU data protection requirements through contractual agreements to this effect. We will provide you with detailed information on request.

          You can request information on the suitable or appropriate guarantees and on the possibility of receiving a copy of these from the company data protection officer or the human resources department responsible for you.

            7. Your data protection rights / rights of data subjects

            If certain conditions are met, you can assert the following data protection rights against us:

            7.1 Under Art. 7(3) GDPR, you may revoke the consent that you have issued to us at any time. The result of this is that we may no longer perform the data processing covered by this consent  in future.

            7.2 Under Art. 15 GDPR, you have the right to obtain information on your personal data processed by us (where applicable, with limitations in accordance with Section 34 Federal Data Protection Act).

            7.3 Upon request, we will rectify or complete data stored on you in accordance with Art. 16 GDPR if such data are inaccurate or incorrect.

            7.4 Upon your request, we will erase your data in accordance with the principles of Art. 17 GDPR, unless we are prohibited from doing so by other statutory provisions (e.g., statutory retention obligations or the restrictions laid down in Section 35 Federal Data Protection Act) or an overriding interest on our part (for example, to defend our rights and claims).

            7.5 Taking into account the preconditions laid down in Art. 18 GDPR, you may request us to restrict the processing of your data.

            7.6 In accordance with the provisions of Art. 20 GDPR, you also have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format or to transmit such data to a third party.

            7.7 Furthermore, you may file an objection to the processing of your data in accordance with Art. 21 GDPR, as a result of which we are obliged to stop processing your data. This right of objection only applies, however, if very special circumstances characterize your personal situation, whereby the rights of our firm may stand in the way of your right of objection.

            7.8 You also have the right to revoke consent, issued to us to process personal data, at any time with effect for the future.

            7.9 In addition, you have the right to complain to a data protection supervisory authority (Art. 77 GDPR). We recommend, however, that complaints should always initially be sent to our Data Protection Officer.

            Your applications regarding the exercising of your rights should, if possible, be addressed in writing to the abovementioned address or directly to our Data Protection Officer.

              8. Scope of your obligation to provide us with your data

              You only need to provide data that are necessary for the commencement and performance of the business relationship, for a precontractual relationship with us, or if we are obliged to collect the data by law. Without these data, we are generally not able to conclude the agreement or continue to perform it. This may also relate to data that are required later within the framework of the contractual relationship. If we request data from you above and beyond this, you will be informed about the voluntary nature of the information separately.

              Information on your right of objection under Art. 21 GDPR

              1. You have the right to file an objection at any time against processing of your data carried out on the basis of Art. 6(1)(f) GDPR (data processing on the basis of a weighing-up of interests) or Art. 6(1)(e) GDPR (data processing in the public interest). The precondition for this is, however, that there are grounds for your objection emanating from your special personal situation. This also applies to profiling based on this provision within the meaning of Art. 4(4) GDPR.

              If you file an objection, we will no longer process your personal data unless we can demonstrate compelling reasons warranting protection for the processing that outweigh your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

              2. We also process your personal data in order to perform direct advertising. If you do not want to receive any advertising, you have the right to file an objection against this at any time. This also applies to the profiling to the extent that it is connected with such direct advertising. We will respect this objection with effect for the future.

              We will no longer process your data for the purpose of direct advertising if you object to processing for this purpose.

              The objection may be filed without adhering to any formal requirements and should be sent to

              Heuking Kühn Lüer Wojtek PartGmbB
              Data Protection Officer Herr Harald Eul
              (HEC Harald Eul Consulting GmbH)
              Georg-Glock-Strasse 4
              D-40474 Düsseldorf, Germany
              Email: dsb(at)heuking.de

              Our Privacy Policy and the information on data protection related to our data processing in accordance with Articles 13, 14 and 21 GDPR may change from time to time. All changes will be published on this site. Older versions can be viewed in an archive.

              Data Protection Information last updated: October 21, 2020

                Part 2

                Supplementary data protection statement for our website

                Thank you very much for your interest in our online presence. The protection of your personal data is very important to us. We would like to inform you of the use of cookies, analysis tools, and the possible effects on personal data on our website.

                1. Cookies and opt-out right in direct advertising

                We use temporary and permanent cookies, i.e., small files that are saved on the devices of users (for clarification of the term and the function, see the last section of this data protection information). The cookies serve the purpose of security and are necessary for the operation of our website (e.g., for the presentation of the website) or to save the user’s decision when confirming the cookie banner. In addition, either we or our technology partner use cookies for reach measurement and marketing purposes, of which our users are informed in the Privacy Policy.

                You may generally opt out of the use of the cookies used for the purposes of online marketing in the case of many services, above all with respect to tracking, via the US-based website http://www.aboutads.info/choices/ or via the EU-based website http://www.youronlinechoices.com/. In addition, the retention of cookies may be achieved by deactivating them in the browser settings. Please note that it may not be possible to use all of the functions of this website in that case.

                2. Recording of access data and log files

                We record data on each access of our server on which the service is located (server log files) on the basis of our justified interest in accordance with Art. 6(1)(f) GDPR. The access data include the name of the website accessed, file, date, and time of the access, quantity of data transferred, reporting of successful access, browser type and version, the user’s operating system, referrer URL (the page visited previously), IP address, and the enquiring provider.

                Log file information will be stored for security reasons (e.g., to clarify misuse or fraud actions) for a maximum period of seven days and then deleted. Data that has to be stored for the purposes of evidence are excluded from deletion until the final clarification of the occurrence in question.

                3. Online presence in social media

                We maintain an online presence within social networks and platforms in order to communicate with the clients, interested parties, and users who are active there and to be able to inform them there about our services. When accessing the relevant networks and platforms, the terms and conditions of business and the data processing guidelines of their operators apply.

                Unless otherwise stated in our Privacy Policy, we process user data if they communicate with us within the social networks and platforms, e.g., contributions to our online presence or sending messages.

                4. Cookies & Reach Measurement

                5. Google Analytics

                If you have given us your voluntary consent, which you may withdraw at any time, we use Google Analytics (https://marketingplatform.google.com/about/analytics/), a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, D04 E5W5, Ireland (“Google”), including its U.S. parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, on this website to analyze and regularly improve the use of this website. The statistics allow us to improve our offering and to make it more interesting for you as a user. In exceptional cases, personal data may be transferred to the U.S.A. and may be stored there. In general, the U.S.A. has a level of data protection which, in the opinion of the CJEU, does not fully reach the level of data protection existing in the EU. No adequacy decision by the European Commission or appropriate safeguards are available. In particular, there is a risk or it cannot be ruled out that, within the scope of the laws applicable there, state authorities - with only limited legal protection - may also gain access to such data. A data protection agreement exists with Google LLC, which includes the EU Standard Contractual Clauses. Additional information from Google is available at  https://privacy.google.com/businesses/compliance/ - !/%23gdpr.

                Legal basis for the use of Google Analytics is the consent in accordance with Article 6(1)(a) GDPR.

                Google Analytics uses “cookies”, which are text files that are placed on your computer, to analyze how users use the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the U.S.A. and is stored there.

                By activating IP anonymization on this website, your IP address will be abbreviated by Google within European Union Member States or in other signatory states of the Agreement on the European Economic Area prior to transfer. Only in exceptional cases will the full IP address be transferred to a Google server in the U.S.A. and will be abbreviated there. Google’s data center locations can be found at: https://www.google.com/about/datacenters/locations/index.html. On behalf of the operator of this website, Google will use this information for the purposes of evaluating your use of the website, compiling reports on website activity, and providing other services relating to website activity and internet use. The IP address transmitted by your browser within the scope of Google Analytics will not be merged with other Google data unless you have granted permission to do so in your Google account.

                You may revoke the consent given to us at any time with effect for the future by preventing the storage of cookies by way of an appropriate setting in your browser software. We would like to point out, however, that in this case you may not be able to use all functions of this website to their full extent.

                Additionally, you may revoke your consent given to us at any time with effect for the future as follows: To revoke any consent given to us at any time or to individually adjust your cookie settings (including selecting & deselecting cookies), please click on the “Cookie declaration” link in our website’s “Data Protection” section and make the relevant selections.

                You also have the option of preventing the collection of data generated by the cookie and related to your use of the website (including the abbreviated IP address) and the processing of this data by Google by downloading and installing a browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

                The personal or pseudonymous data will be deleted or anonymized after 14 months.

                Additional details and information are found on Google’s site about Safeguarding your data at https://support.google.com/analytics/answer/6004245?hl=en or the Google Privacy Policy at https://policies.google.com/privacy?hl=en and in Google’s Ad personalization settings at https://adssettings.google.com/authenticated.

                Google-Re/Marketing-Services

                We use the marketing and remarketing services (abbreviated to “Google Marketing Services”) of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, (“Google”) on the basis of our justified interests (i.e., interest in the analysis, optimization, and economic operation of our online content as defined under Art. 6(1)(f) GDPR).

                In general, the U.S.A. has a level of data protection which, in the opinion of the CJEU, does not fully reach the level of data protection existing in the EU. No adequacy decision by the European Commission or appropriate safeguards are available. In particular, there is a risk or it cannot be ruled out that, within the scope of the laws applicable there, state authorities - with only limited legal protection - may also gain access to such data. A data protection agreement exists with Google LLC, which includes the EU Standard Contractual Clauses. Additional information from Google is available at  https://privacy.google.com/businesses/compliance/ - !/%23gdpr.

                Google Marketing Services allow us to show advertisements for and on websites in a more targeted way in order only to present users with advertisements that may be of interest to. If users, for example, are shown advertisements for products that they have shown an interest in on other websites, this is known as “remarketing.” For these purposes, when our website and other websites on which Google Marketing Services are active are accessed, a code is executed by Google and (re)marketing tags (invisible graphics or codes, which are also known as "web beacons") are incorporated into the website. These are used to save an individual cookie on the user’s device, i.e., a small file (comparable technologies can also be used instead of cookies). The cookies can be created by various different domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com, or googleadservices.com. This file records which websites users look at, what content they show an interest in, and which offerings they click on. The file also contains technical information about the browser and operating system, referring websites, duration of the visit, as well as other information about the use of the online content. The IP addresses of users are also recorded, although we state within Google Analytics that the IP addresses within the member states of the European Union or in other signatory states of the Agreement on the European Economic Area and only sent in full to Google server in the USA and abbreviated there. The IP address is not combined with the users’ data within other offers from Google. Google an also combine the aforementioned information with information from other sources. If users then visit other websites, they can be shown advertisements tailored to their interests.

                The users’ data is processed in a pseudonymous manner within Google Marketing Services. This means that Google does not process the name or email addresses of the users, but rather processes the relevant data based on cookies within pseudonymized user profiles. This means that from the point of view of Google, the information is not managed and viewed for a concrete, identified person, but rather for the cookie owner, irrespective of who this cookie owner is. This does not apply if a user has expressly given Google permission to process the data without this pseudonymization. The information collected by Google Marketing Services about the users is transmitted to Google and stored on Google’s servers in the USA.

                In addition, we may use the "Google Tag Manager" in order to incorporate the Google analysis and marketing services into our website and to manage them.

                Additional information on data use for marketing purposes by Google is available at https://policies.google.com/technologies/ads, the Google Privacy Policy is available at https://policies.google.com/privacy.

                If you want to opt-out of interest-based advertising by Google Marketing Services, you can make use of the settings and opt-out options provided by Google: https://adssettings.google.com/authenticated.

                6. Cloudflare - Content Delivery Network

                On the basis of our legitimate interests (i.e. interests in the optimization of the performance, to secure this website and to optimize loading times and security of our online offer and recognition of the language settings of the user within the meaning of Article 6 Para. 1 letter F GDPR), we use the Cloudflare CDN service from Cloudflare, Inc. ("Cloudflare"). In this connection, personal data may be transmitted to Cloudflare by the browser you are using, but this data will be deleted once the purpose has been achieved.

                Cloudflare uses cookies. The information generated by the cookie about the use of the online offer by users is usually transmitted to a Cloudflare server in the USA and stored there.

                You can find further information about data use by Cloudflare, setting and objection options on Cloudflare's website: https://www.cloudflare.com/privacypolicy/

                7. Newsletters

                In the following, we inform you about content of our newsletters, as well as the processes for registration, distribution, and statistical evaluation, as well as your right to opt out. By subscribing to our newsletter, you state that you agree to receive it and to the processes described.

                Content of the newsletters: we send newsletters, emails, and other electronic notifications with promotional information (hereinafter: “Newsletter”) only with the consent of the recipient or legal permission. If the content of a registration to receive a newsletter is outlined in concrete terms within the registration, that content will be decisive with regard to the consent of the user. In addition, our newsletters contain information about our events, offers, campaigns, and our company.

                Double opt-in and logging: registering to receive our newsletter takes place in a “double opt-in procedure,” i.e., after registration you will receive an email in which you will be asked to confirm your registration. This confirmation is necessary so that no one can register with someone else’s email address. A log is kept of registrations for the Newsletter in order to be able to prove that the registration process took place in accordance with the legal requirements. This includes the saving of the time of registration and confirmation, as well as the IP address. A record will be kept of changes in your data that is stored by the distribution provider.

                Distribution provider: The newsletters are generally distributed by a distribution provider, CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany, hereinafter referred to as the “Distribution Provider.” The distribution provider’s Privacy Policy is available at https://www.cleverreach.com/en/privacy-policy/.

                In addition, the distribution provider may use these data in a pseudonymized form based on its own information, i.e., without allocation to a user, in order to optimize or improve its own services, e.g., for technical optimization of the distribution and the presentation of the newsletter or for statistical purposes in order to determine which country the recipients come from. The distribution provider will not, however, use the data of our newsletter recipients to write to them itself, nor will it pass on the data to third parties.

                Registration data: to register for the Newsletter, it is sufficient to enter your email address. As an option, please enter a name so that we can address you personally in the Newsletter.

                Performance measurement: the newsletters contain a “web beacon,” i.e., a pixel-sized file that is accessed by the server of the distribution provider when the Newsletter is opened. During this access, initially technical information, such as information about the browser and your system, as well as your IP address and the time of access. This information will be used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on the locations of access (which can be determined with the aid of the IP address) or the access times. The statistical records will also include the determination of whether the Newsletters are opened, when they are opened, and what links are clicked on. For technical reasons, it is possible to allocate this information to the individual Newsletter recipients. It is, however, not our aim, or that of the Distribution Provider, to observe individual users. Rather, the analysis serves the purpose of recognizing the reading habits of our users and adjusting our content to suit them or to send different information in line with the interests of our users.

                Germany: The distribution of the Newsletter and performance measurement take place on the basis of consent from the recipient in accordance with Art. 6 6(1)(a), Art. 7 in conjunction with Section 7(2)(3) German Act Against Unfair Competition or on the basis of legal permission in accordance with Section 7(3) Act Against Unfair Competition.

                The recording of the registration procedure is performed on the basis of our justified interests in accordance with Art. 6(1)(f) GDPR and serves as proof of consent for receipt of the newsletter.

                Termination/cancellation: you can terminate your agreement to receipt of our newsletter at any time, i.e., revoke your consent. You will find a link for cancellation option of the newsletter at the end of each newsletter. If the user has only registered for the newsletter, his/her personal information will be erased.

                8. Incorporation of third-party services and content

                On the basis of our justified interest (i.e., an interest in the analysis, optimization, and economic operation of our website in accordance with Art. 6(1)(f) GDPR), within our website we offer content and services from third party providers in order to incorporate their content and services, such as videos and fonts (hereinafter referred to collectively as “Content”). The prerequisite for this is that the third-party providers of this Content have to use the IP address of the user because without the IP address, they cannot send the Content to the browser. The IP address is therefore necessary for the provision of this Content. We make every effort only to use Content if the providers only use the IP address for the provision of the Content. Third party suppliers can also use “pixel tags” (invisible graphics also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information on the user traffic to the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and among other things includes technical information about the browser and operating system, referring websites, visit times, and also other information on the use of our online content. This information can also be connected with information of this kind from other sources.

                The following description offers an overview of third-party providers, as well as their content, and also links to their Privacy Policies, which contain further details on the processing of data and opt-out options, some of which have already been mentioned:

                For this purpose, we use the "extended data protection mode" for the integration of the YouTube videos, through which a cookie is only stored on the user's computer when the respective YouTube video is played. YouTube states that no personal cookie information is stored when embedded videos are played in extended privacy mode. Further information on data processing and notes on data protection by YouTube (Google) can be found at www.google.de/intl/de/policies/privacy/. If you want to ensure that YouTube does not receive any data from you, please do not click on the embedded YouTube videos.

                • As part of our online offering, we are using the marketing functions (“LinkedIn Insight Tag”) of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages that contains LinkedIn functions is accessed, a connection is made with LinkedIn’s servers. LinkedIn is informed that you have visited our website with your IP address. We can use the LinkedIn Insight tag in particular to analyze the success of our campaigns in LinkedIn or determine target groups for these on the basis of the interaction of the users with our website. If you are registered with LinkedIn, LinkedIn is able to allocate your interactions with our website to your user account. Also, if you click on the LinkedIn “recommend button” and are logged in to your LinkedIn account, it is possible for LinkedIn to allocate your visit to our website to you and to your user account. Privacy Policy: https://www.linkedin.com/legal/privacy-policy, Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
                • The functions of the Twitter service or platform may be incorporated into our website (hereinafter referred to as “Twitter”). Twitter is offered by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The functions include the presentation of our contributions in Twitter within our website, links to our profile at Twitter, and the option of interacting with contributions and functions of Twitter, as well as measuring whether users access our online content via our advertisements on Twitter (“conversion measurement”).  Privacy Policy: https://twitter.com/de/privacy, Opt-out: twitter.com/personalization.
                • We use functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time our web pages containing the Xing functions are accessed, a connection is made to the Xing servers. As far as we are aware, personal data is not saved in this process. In particular, no IP addresses are saved and the usage behavior is not analyzed. Privacy Policy: https://www.xing.com/app/share?op=data_protection.
                • External code of the JavaScript frameworks “jQuery,” provided by third-party provider jQuery Foundation, https://jquery.org.
                • We use functions of the URL shortener service bitly. The provider is bitly, Inc. 139 5th Avenue, 5th Floor, New York, NY 10010, USA. Privacy Policy: https://bitly.com/pages/privacy.  
                • We use the event organization tools provided by Altares. The provider is altares GmbH & Co. KG, Wiesenstraße 21a, 40549 Düsseldorf, Germany. The invitation and participant management for our events is performed partially online using Altares’s software and servers. There is no explicit commission for the processing of data but the possibility of personal data being accessed during testing and maintenance cannot be ruled out. Privacy Policy: https://www.altares.de/index.php/datenschutzhinweis.  

                Data Protection Information last updated: October 21, 2020

                PDF-Download Data Protection Information 

                Archive of Data Protection Information 

                You are currently using an outdated and no longer supported browser (Internet Explorer). To ensure the best user experience and save you from possible problems, we recommend that you use a more modern browser.