Security and privacy (Data protection)

Privacy Policy of UniCaps GmbH

1. Information on the collection of personal data

(1.1) The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit our websites www.my-cups.de, www.my-cups.at, www.my-cups.ch, www.my-cups.co.uk. The term “personal data” comprises all data that can be used to personally identify you, e.g. name, address, email addresses, user behavior. For detailed information about the subject matter of data protection, please consult our Data Protection Declaration, which we have included beneath this copy.

(1.2) The data processing controller on this website in accordance with Article 4 (7) of the EU General Data Protection Regulation (GDPR) is Unicaps GmbH, Im Technologiepark 6, 15236 Frankfurt (Oder), info@unicaps.eu. For www.my-cups.ch, the data processing controller is Unicaps Suisse, Seestrasse 5a, CH-8810 Horgen, info@unicaps.eu.

(1.3) The contact details of our data protection officer are: Mr. Udo Wenzel, Im Technologiepark 6, 15236 Frankfurt (Oder), E-Mail: datenschutz@unicaps.eu.

(1.4) If we wish to use contracted service providers for individual functions of our offer or if you would like to utilise your data for commercial purposes, we will inform you in detail about the respective operations below. We also describe the defined criteria for the storage time.

2. Your rights

(2.1) You have the following rights with regard to your personal data:

  • Right of access,
  • Right to rectification or erasure,
  • Right to restriction of processing,
  • Right to object to the processing (see section 10),
  • Right to data portability.

(2.2) In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the member state where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses. https://datenschutz.hessen.de

3. DATA PROCESSING WHEN VISITING OUR WEBSITE

(3.1) LOGFILES (INTERNET REPORT)

If you only use the website for informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you would like to view our website, we may collect the following personal data that is technically necessary for us to display our website to you and to ensure stability and security (our legitimate interest; the legal basis is Art. 6 (1) s. 1 f) GDPR):

  • IP Address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request came
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

(3.2) REGISTRATION

When you register as a My-Cups customer, we process the mandatory information marked with an asterisk (e.g. name, email address). You can voluntarily provide further personal data (e.g. address) in your profile.

We process this personal data in order to maintain a user account for you and to enable you to use the website more comfortably and to make ordering easier. The legal basis is Article 6 (1) s. 1 b) GDPR.

Your registration data will be deleted when we or you end the user relationship (e.g. in the event of termination), unless we have the right to continue to store the personal data for another reason.

(3.3) ORDERING

When you place an order in our online shop, we collect personal data from you as part of the ordering process. The fields marked with an asterisk are mandatory. You can provide further personal data voluntarily.

If you are a registered My-Cups customer and have logged in, we will take personal data from your user account for the order.

We process this personal data for the conclusion of the contract and the processing of your order. The legal basis is Article 6 (1) s. 1 b) GDPR.

We are legally obliged to store this personal data for a period of ten years. Your personal data will therefore not be completely deleted even after the contract has been processed. However, processing only takes place to the extent necessary to comply with legal obligations. The legal basis is Article 6 (1) s. 1 c) GDPR.

(3.4) CONTACT FORM FOR PRIVATE CUSTOMERS

As a consumer, you can use our contact form to get in touch with us. To do this, we need the mandatory information marked with an asterisk (e.g. name, email address). You can provide further personal data voluntarily.

This personal data is only used to contact you (our legitimate interest, the legal basis is Art. 6 (1) s. 1 f) GDPR). Your personal data will be automatically deleted 3 months after your request has been answered, unless there is a legal basis for longer storage (e.g. an existing contractual relationship) or statutory retention periods.

(3.5) CONTACT FORM FOR CORPORATE CUSTOMERS

As an entrepreneur, you can use our contact form for corporate customers to get in touch with us. To do this, we need the mandatory information marked with an asterisk (e.g. name, email address). You can provide further personal data voluntarily.

This personal data is only used to contact you (our legitimate interest, the legal basis is Art. 6 (1) s. 1 f) GDPR). Your personal data will be automatically deleted 3 months after your request has been answered, unless there is a legal basis for longer storage (e.g. an existing contractual relationship) or statutory retention periods.

(3.6) E-MAIL ADVERTISING WITH REGISTRATION FOR NEWSLETTER

If you register for our newsletter, we use the data required for this or separately provided by you in order to regularly send you our e-mail newsletter based on your consent in accordance with Art. 6 (1) s. 1 lit. You can unsubscribe from the newsletter at any time and you can either send a message to the contact option described below or use a link provided in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we will inform you in this declaration.

(3.7) BUSINESS NEWSLETTER FOR CORPORATE CUSTOMERS

As an entrepreneur, you can order a business newsletter from us by entering the mandatory information marked with an asterisk on our website and sending it off. You can provide further personal data voluntarily. We will then contact you at the e-mail address and ask for confirmation that you are the owner of the e-mail address provided and that you agree to receive the newsletter (double opt-in; the legal basis is Art. 6 (1) p. 1 a) GDPR).

You can revoke your consent to the use of your personal data for the newsletter at any time. In this case we will delete your personal data. We also delete your personal data if we have indications that it is (no longer) correct. If you do not confirm your email address, we will also delete your personal data 3 months after we have received it. We do not carry out the deletions if we have the right to further storage for another reason or if we are obliged to do so due to statutory retention requirements.

(3.8) ADVERTISING

With your express consent, we will inform you regularly about promotions, vouchers and trends and process your e-mail address for this purpose (legal basis is Art. 6 (1) s. 1 a) GDPR).

You can revoke your consent to the use of your personal data for advertising purposes at any time. In this case we will delete your personal data. We also delete your personal data if we have indications that it is (no longer) correct. We do not carry out the deletions if we have the right to further storage for another reason or if we are obliged to do so due to statutory retention requirements.

(3.9) FURTHER DATA PROCESSING

Furthermore, we can process your personal data if we offer participation in campaigns, competitions or similar services. You will receive more information on this when you provide your personal data.

4. EXTERNAL SERVICEPROVIDER

(We use external service providers to process your order:

(4.1) We transmit your address data to shipping companies. These shipping companies are obliged to treat your personal data confidentially and to process it exclusively for the purpose of delivery. After delivery, the personal data must be deleted. The legal basis for the transmission of personal data is Art. 6 (1) s. 1 b) GDPR.

(4.2) With the exception of the "prepayment" payment method, we transmit the personal data required to process the payment ("payment data") to the commissioned credit institution or the selected payment service provider in order to enable payment processing. The respective payment service provider is responsible for your payment data. Information, in particular about who is responsible for the payment method you have selected and what data processing the payment service provider carries out, is available from the following Internet addresses. The legal basis for the transmission is Art. 6 (1) s. 1 b) GDPR.

We integrate payment services of third-party companies on our website. When you make a purchase from us, your payment data (e.g. name, payment amount, bank account details, credit card number) are processed by the payment service provider for the purpose of payment processing. For these transactions, the respective contractual and data protection provisions of the respective providers apply. The use of the payment service providers is based on Art. 6(1)(b) GDPR (contract processing) and in the interest of a smooth, convenient, and secure payment transaction (Art. 6(1)(f) GDPR). Insofar as your consent is requested for certain actions, Art. 6(1)(a) GDPR is the legal basis for data processing; consent may be revoked at any time for the future.

We use the following payment services / payment service providers within the scope of this website:

(4.2.1) PayPal

The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.

Details can be found in PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

(4.2.2) KLARNA

The supplier is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter “Klarna“). Klarna offers various payment options (e.g., hire purchase). If you choose to pay with Klarna (Klarna checkout solution), Klarna will collect various personal data from you. Klarna uses cookies to optimize the use of Klarna checkout solution. For details on the use of Klarna cookies, please see the following link: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.

Details can be found in Klarna’s privacy policy under the following link: https://www.klarna.com/de/datenschutz/.

(4.2.3) MASTERCARD

The provider of this payment service is the Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter “Mastercard”).

Mastercard may transfer data to its parent company in the US. The data transfer to the US is based on Mastercard's Binding Corporate Rules. Details can be found here: https://www.mastercard.de/de-de/datenschutz.html and https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.

(4.2.4) VISA

The provider of this payment service is the Visa Europe Services Inc, London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter “VISA”).

Great Britain is considered a secure non-EU country as far as data protection legislation is concerned. This means that the data protection level in Great Britain is equivalent to the data protection level of the European Union.

VISA may transfer data to its parent company in the US. The data transfer to the US is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html.

For more information, please refer to VISA’s privacy policy: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.

(4.2.5) AMEX

The provider of this payment service is the American Express Europe S.A., Theodor-Heuss-Allee 112, 60486 Frankfurt am Main, Germany (hereinafter “American Express”).

American Express may transfer data to its parent company in the US. The data transfer to the US is based on the Binding Corporate Rules. Details can be found here: https://www.americanexpress.com/en-pl/company/legal/privacy-centre/european-implementing-principles/.

For more information, please see the American Express privacy policy: https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html.

(4.2.6) AMAZON PAY

The provider of this payment service is Amazon Payments Europe S.C.A., 38 avenue J.F. Kennedy, L-1855 Luxembourg.

Details regarding the use of your data can be found in Amazon Pay’s Privacy Policy at the following link: https://pay.amazon.de/help/201212490?ld=APDELPADirect.

5. COOKIES

(5.1) In addition to the aforementioned personal data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using and through which certain information flows to the place that sets the cookie (in this case by us). Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and more effective overall.

(5.2) Use of cookies:

(5.2.1) Diese Website nutzt folgende Arten von Cookies, deren Umfang und Funktionsweise im Folgenden erläutert werden:

  • Transiente Cookies (dazu 5.2.2).
  • Persistente Cookies (dazu 5.2.3).

(5.2.2) Transient cookies are automatically deleted when you close the browser. This includes in particular the session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This means that your computer can be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

(5.2.3) Persistent cookies are automatically deleted after a specified period, which can differ depending on the cookie. You can delete cookies at any time in the security settings of your browser. We use the following persistent cookies on the website:

  • Google Analytics (ga - storage period: 2 years, _gid - storage period: 1 day). For more information on Google Analytics, see Section 6.
  • Google Marketing Platform (IDE - storage time: 390 days). You can find more information about the Google Marketing Platform under section 7.
  • Facebook Custom Audiences (fbp - storage period 90 days, fr - storage period: 90 days). You can find more information about Facebook Custom Audiences under Section 8.
  • as well as a cookie with which we can save the contents of your shopping cart (basketSessionId - storage duration: 7 days).

(5.2.4) The cookies we use are necessary for the technical implementation of interactive user functions. For example, cookies enable the content of your virtual shopping cart to be retained across multiple websites. In addition, we use cookies in accordance with this data protection declaration for the technically error-free and optimized provision of our services. Any personal data processed by cookies are required for the purposes mentioned to safeguard our legitimate interests and those of third parties in accordance with Art. 6 (1) s. 1 f) GDPR.

(5.2.5) We also use cookies to collect statistical data on the general usage behavior of our users. By evaluating this data, we get a better understanding of the needs of our users so that we can further develop our website in a more targeted manner and improve the overall user experience. However, these cookies do not contain any personal data and are not linked to such data.

(5.2.6) We also use cookies for analysis and targeting purposes. Further information, including the legal basis, can be found in sections 6, 7 and 8.

(5.2.7) You can configure your browser settings according to your wishes and, for example, reject the acceptance of third-party cookies or all cookies. We would like to point out that you may not be able to use all functions of this website.

(5.2.8) The Flash cookies used are not recorded by your browser, but by your Flash plug-in. We also use HTML5 storage objects that are stored on your device. These objects save the required data regardless of the browser you are using and do not have an automatic expiry date. If you do not want the Flash cookies to be processed, you must install a corresponding add-on, eg "Better Privacy" for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or Adobe -Flash killer cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using the private mode in your browser. We also recommend that you regularly delete your cookies and browser history manually.

(5.2.9) Consent with Usercentrics

This website uses the consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your device or for the use of specific technologies, and to document the former in a data protection compliant manner. The party offering this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 München, Germany, website: https://usercentrics.com/ (hereinafter referred to as “Usercentrics”).

Whenever you visit our website, the following personal data will be transferred to Usercentrics:

  • Your declaration(s) of consent or your revocation of your declaration(s) of consent
  • Your IP address
  • Information about your browser
  • Information about your device
  • The date and time you visited our website
Moreover, Usercentrics shall store a cookie in your browser to be able to allocate your declaration(s) of consent or any revocations of the former. The data that are recorded in this manner shall be stored until you ask us to eradicate them, delete the Usercentrics cookie or until the purpose for archiving the data no longer exists. This shall be without prejudice to any mandatory legal retention periods.

Usercentrics uses cookies to obtain the declarations of consent mandated by law. The legal basis for the use of specific technologies is Art. 6(1)(c) GDPR.

Data processing

We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

6. GOOGLE ANALYTICS

(6.1) This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior patterns of website visitors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. Google may consolidate these data in a profile that is allocated to the respective user or the user’s device.

Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis.

Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored.

This analysis tool is used on the basis of Art. 6(1)(f) GDPR. The operator of this website has a legitimate interest in the analysis of user patterns to optimize both, the services offered online and the operator’s advertising activities. If a corresponding agreement has been requested (e.g., an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6(1)(a) GDPR; the agreement can be revoked at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

(6.2) The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

(6.3) You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by using the browser plug-in available under the following link. Download and install in: https://tools.google.com/dlpage/gaoptout?hl=en.

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at:

https://support.google.com/analytics/answer/6004245?hl=en.

(6.4) As an alternative to the browser add-on or on mobile devices, you can prevent Google Analytics from collecting data by clicking on the following link. An opt-out cookie is set that prevents the future collection of your data when you visit our website / online shop: Deactivate Google Analytics. If you delete your cookies, you will have to click this link again. In order to prevent Google Analytics from collecting data across different devices, you must perform the opt-out on all systems used.

(6.5) On this website, we have activated the IP anonymization function. As a result, your IP address will be abbreviated by Google within the member states of the European Union or in other states that have ratified the Convention on the European Economic Area prior to its transmission to the United States. The full IP address will be transmitted to one of Google’s servers in the United States and abbreviated there only in exceptional cases. On behalf of the operator of this website, Google shall use this information to analyze your use of this website to generate reports on website activities and to render other services to the operator of this website that are related to the use of the website and the Internet. The IP address transmitted in conjunction with Google Analytics from your browser shall not be merged with other data in Google’s possession.

(6.6) We use Google Analytics to analyze the use of our website and to improve it on a regular basis. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. Our legitimate interest in data processing also lies in these purposes. The legal basis for the use of Google Analytics is Section 15 Paragraph 3 Telemedia Act or Art. 6 Paragraph 1 Sentence 1 f) GDPR. Sessions and campaigns are ended after a certain period of time. By default, sessions are ended after 30 minutes of inactivity, campaigns after 6 months. The time limit for campaigns can be a maximum of 2 years.

(6.7) Archiving period

Data on the user or incident level stored by Google linked to cookies, user IDs or advertising IDs (e.g., DoubleClick cookies, Android advertising ID) will be anonymized or deleted after 2 months. For details, please click the following link:

https://support.google.com/analytics/answer/7667196?hl=en

(6.8) With your consent, this website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. The legal basis is Article 6 (1) s. 1 a) GDPR.

(6.9) Contract data processing

We have executed a contract data processing agreement with Google and are implementing the stringent provisions of the German data protection agencies to the fullest when using Google Analytics.

7. Using Google Analytics

(7.1) This website uses the Google Marketing Platform of Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). The Google Marketing Platform uses cookies to show ads that are relevant to users, to improve reports on campaign performance or to prevent a user from seeing the same ads multiple times. Google uses a cookie ID to record which ads are shown in which browser and can thus prevent them from being displayed multiple times. In addition, the Google Marketing Platform can use cookie IDs to record what are known as conversions that relate to ad requests. This is the case, for example, when a user sees an ad and later visits the advertiser's website with the same browser and buys something there. According to Google, cookies from the Google Marketing Platform do not contain any personal information.

(7.2) Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data that is collected by Google through the use of this tool and therefore inform you according to our level of knowledge: By integrating the Google Marketing Platform, Google receives the information that you are using the corresponding part of our website or have accessed or clicked on one of our advertisements. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that Google will find out your IP address and save it.

(7.3) The legal basis for the processing of your data is your consent (Art. 6 (1) s. 1 a) GDPR). You can revoke your consent at any time [here].

(7.4) Further information on the Google Marketing Platform is available at https://marketingplatform.google.com, as well as on data protection at Google in general: https://policies.google.com/privacy. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org.

8. USE OF FACEBOOK CUSTOM AUDIENCES

(8.1) The website uses the remarketing function "Custom Audiences" from Facebook Inc. ("Facebook"). This enables users of the website to be shown interest-related advertisements ("Facebook Ads") when visiting the social network Facebook or other websites that also use the process. We are interested in showing you advertisements that are of interest to you in order to make our website more interesting for you.

8.2) Due to the marketing tools used, your browser automatically establishes a direct connection with the Facebook server. We have no influence on the scope and further use of the data that is collected by Facebook through the use of this tool and therefore inform you according to our level of knowledge: By integrating Facebook Custom Audiences, Facebook receives the information that you are visiting our website or clicked on one of our advertisements. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, there is a possibility that the provider will find out and save your IP address and other identification features.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

You can find further information on protecting your privacy in Facebook's data protection information: https://de-de.facebook.com/about/privacy/.

You can also deactivate the remarketing function “Custom Audiences” in the advertising settings area at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.

If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

(8.3) We do not transmit any (hashed) email addresses to Facebook and we also do not carry out an "automatic extended comparison" in which further user data would be transmitted.

(8.4) Third party information: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. According to Facebook, the data collected will also be transferred to the USA and other third countries. Terms of use: https://www.facebook.com/legal/terms/update, overview of data protection: https://de-de.facebook.com/privacy/explanation.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:

https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

(8.5) The legal basis for the processing of your data is your consent (Art. 6 (1) s. 1 a) GDPR). You can revoke your consent at any time [here].

9. RECIPIENTS OF YOUR DATA / THIRD COUNTRY TRANSFERS

(9.1) In addition to the recipients named above under 4, 6, 7 and 8, we may disclose or forward your personal data to IT service providers. The IT service providers are carefully selected by us and act as contract processors for us.

(9.2) In addition, your personal data will only be transmitted to third parties if and to the extent that this is legally permissible and necessary for the fulfillment of contracts concluded with you or for the performance of the services (the legal basis is Art. 6 (1) s. 1 b) DS -GVO), you have given us your consent to the transfer (legal basis is Art. 6 (1) s. 1 a) GDPR), the transfer is necessary for the establishment, exercise or defense of legal claims and there is no reason to assume, that you have an overriding interest worthy of protection in not disclosing your data (legal basis is Art. 6 (1) s. 1 f) GDPR) or in the event that there is a legal obligation for the disclosure (legal basis Art. 6 (1) p. 1 c) GDPR).

(9.3) If a transfer of personal data is to take place in a country outside the European Economic Area (EEA), we will inform you about this in these data protection provisions or when the personal data is collected.

10. REVOCATION OF CONSENT OR OBJECTION TO THE PROCESSING OF YOUR PERSONAL DATA

(10.1) If you have given your consent to the processing of your personal data, you can revoke this at any time. Such a revocation affects the permissibility of the processing of your personal data after you have given it to us.

(10.2) If we base the processing of your personal data on the balancing of interests, you can object to the processing. This is the case, in particular, if the processing is not necessary to fulfill a contract with you, which we describe in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adjust the data processing or point out to you our compelling reasons worthy of protection, on the basis of which we will continue the processing.

(10.3) You can of course object to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us about your objection to advertising using the contact details given in section 1.2.

11. LinkedIn

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:
https://www.linkedin.com/legal/l/dpa und
https://www.linkedin.com/legal/l/eu-sccs.

You can object to LinkedIn’s analysis of user behavior and targeted advertising at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

In addition, LinkedIn members can control the use of their personal information for promotional purposes in the account settings. To prevent LinkedIn from linking information collected on our site to your LinkedIn account, you must log out of your LinkedIn account before you visit our site.

We have concluded a data processing agreement (DPA) with the above-mentioned provider.