Privacy Policy and Consent to Use of Data

Intershop is committed to the responsible use of personal data. We have a particular obligation to protect and maintain the privacy of our customers and partners. We would therefore like to inform you about how we use your personal data.

We reserve the right to amend this Privacy Policy at any time. You are therefore advised to review this Privacy Policy at regular intervals.

1. Data Controller

The data controller as defined by the General Data Protection Regulation (GDPR) is:

Intershop Communications AG
Steinweg 10
07743 Jena
Germany
Tel.: +49 3641 50-0
Fax: +49 3641 50-1002
E-Mail: info@intershop.com

2. Data Protection Officer

If you have any questions or comments regarding data protection, please contact our data protection officer:
DatenschutzBeauftragter@intershop.de

3. Data Security

In order to protect your data as comprehensively as possible from unwanted access, we take technical and organizational measures. We use an encryption procedure on our web pages. Your data is transferred from your computer to our servers and vice versa via the Internet using a transport encryption "TLS encryption" (e.g. TLS 1.2 / TLS 1.3). We do not use the transport protocols TLS 1.0 and 1.1, which are classified as insecure, because they do not comply with the state of the art (Art. 25 and Art. 32 GDPR). You can recognize this by the fact that the address line begins with https:// and the lock symbol is closed in the status bar of your browser.

4. Processing of personal data (direct collection)

You may revoke all consents to the use of your personal data that you have given us, in whole or for individual processing operations, free of charge. The legality of the processing carried out on the basis of the consent until the revocation is not affected by the revocation. A revocation of your consent has the consequence that you will no longer receive a newsletter from us. You have the right, in accordance with Art. 21 GDPR, to object to the processing of your personal data that is carried out on the basis of a legitimate interest of us or a third party, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against general direct advertising or direct advertising tailored to you. In the latter case, you have a general right of objection, which will be implemented by us without specifying a particular situation. If you wish to exercise your right of revocation or objection, please send us an e-mail to info@intershop.de or contact the responsible person by other means (see section 1).
The general duration of the storage of your data depends on the purposes pursued with the storage. In principle, we delete your personal data when we no longer need it to achieve the purpose for which it was stored, unless legal retention periods prevent deletion. You can find more information on the storage period in the respective sections of this data protection notice.

4.1 When visiting our website

Apart from the data collected by cookies and web analytics services, you can visit our website without providing us with any personal data. Information on the cookies /and web analytics services we use can be found from section 5.

4.2 In case of an e-mail inquiry

If you have any questions about our products and services, we offer you the opportunity to contact our customer service (by phone or e-mail) based on your consent pursuant to Art. 6 (1) lit. GDPR or § 25 (1) TDDDG. If you provide us with your personal data, this is done voluntarily. The purpose of collecting your personal data (title, first and last name, business e-mail address, name of your company) is to identify you and to be able to answer your inquiry. Our legitimate interest is our commercial interest in being able to contact potential new customers. The personal data transferred to us for e-mail inquiries is automatically deleted within 24 months, unless we are obliged to store it longer due to retention periods.

4.3 When requesting our free whitepapers

Based on your consent pursuant to Art. 6 (1) lit. GDPR or § 25 (1) TDDDG, we offer you the opportunity to receive various whitepapers on digitization and our products and services by e-mail. To receive the whitepaper, you must provide us with your title, first and last name, e-mail address and company. You can voluntarily provide us with your phone number if you would like us to contact you. The purpose of collecting your personal data is to identify you and to be able to provide you with our whitepaper. Our legitimate interest is our commercial interest in being able to contact potential new customers. The personal data transmitted to us when filling out the contact form or by telephone will be automatically deleted within 24 months, unless we are obliged to store it longer due to retention periods.

4.4 When making an appointment for an online demo or an on-site presentation.

If you have questions about our products and services, we offer you the opportunity to contact us (by phone or contact form) to make an appointment for an online demo or an on-site presentation based on your consent pursuant to Art. 6 (1) lit. GDPR or § 25 (1) TDDDG. When you provide us with your personal data, you do so voluntarily. The purpose of collecting your personal data (name, e-mail address, company) is to identify you and to be able to make an appointment with you for an online demo or an on-site presentation. Our legitimate interest is our commercial interest in being able to contact potential new customers. The personal data transmitted to us when filling out the contact form and by telephone are automatically deleted within 24 months, unless we are obliged to store them longer due to retention periods.

4.5 When registering for events

In order to lay the foundation for your digital business, we offer you from time to time, based on your consent pursuant to Art. 6 (1) lit. GDPR or § 25 (1) TDDDG, the opportunity to register via our website for various events that deal with the digitization of business models. When you provide us with your personal data, you do so voluntarily. The purpose of collecting your personal data (first and last name, business e-mail address, position in your company) is to identify you and to be able to carry out your registration for the event. Our legitimate interest is our commercial interest in being able to contact potential new customers. The personal data transmitted to us when filling out the contact form and by telephone will be automatically deleted within 24 months, unless we are obliged to store it longer due to retention periods.

4.6 When subscribing to our newsletter

If you have consented to the sending of the newsletter in accordance with Art. 6 Para. 1 lit. a GDPR or § 25 Para.1 TDDDG, we will use your e-mail address to send you our newsletter and information on marketing offers, events and industry news on a regular basis. If you order our newsletter, we ask you to agree to further newsletter tracking as part of the ordering process. If you give us the corresponding consent, we will include individual tracking pixels in our newsletters that allow us to recognize when the newsletter sent to you was accessed or opened and individualize the links present in the newsletter to be able to evaluate when you clicked on which link. To register and receive the newsletter, it is sufficient to provide a valid e-mail address. As part of the newsletter registration, we store additional data beyond the data already mentioned, insofar as this is necessary so that we can prove that you have ordered our newsletter. This may include the storage of the full IP address at the time of the order or the confirmation of the newsletter, as well as a copy of the confirmation e-mail sent by us. The corresponding data processing is based on your consent according to Art. 6 para. 1 lit. GDPR or § 25 para. 1 TDDDG. At the end of the newsletter there is an unsubscribe link which you can use to unsubscribe from our mailing list at any time. In addition, you can also unsubscribe by e-mail at info@intershop.de. Insofar as you subscribe to our newsletter, we use the service provider HubSpot Inc, 25 First Street, 2nd Floor, Cambridge, MA 02141 ("HubSpot"), with server location in Europe. We transmit the data you enter to this provider. If you do not consent to the transmission of this data, you should not subscribe to any newsletter. Incidentally, you can unsubscribe from our newsletters at any time using the e-mail address provided when subscribing to the newsletter. Insofar as you have not subscribed to any newsletters or email services, no data will be transmitted either. We have specifically obligated HubSpot by contract to process your data in accordance with European data protection standards, strictly bound by instructions and not for our own purposes, and to comply with the required security standards. Data processing by HubSpot may take place outside the EU or the EEA (in particular in the USA). For this data transfer, an adequate level of data protection is ensured based on the adequacy decision (EU-U.S. Data Privacy Framework). More detailed information on data processing by HubSpot can be found at: https://legal.hubspot.com/privacy-policy. The personal data collected by us for sending the newsletter will be stored until you unsubscribe and then automatically deleted within 24 months, unless we are obliged to store it longer due to retention periods.

4.7 When registering for our investor newsletter

If you have consented to receiving the newsletter pursuant to Art. 6 (1) a GDPR or § 25 (1) TDDDG, we will use your e-mail address to send you our IR newsletter and IR-related information such as financial reports and press releases on a regular basis. If you order our newsletter, we will ask you to agree to further newsletter tracking as part of the ordering process. If you give us the corresponding consent, we will integrate individual tracking pixels into our newsletters, with which we can recognize when the newsletter sent to you was accessed or opened and individualize the links present in the newsletter in order to be able to evaluate when you clicked on which link. To register and receive the newsletter, it is sufficient to provide a valid e-mail address. Within the scope of the newsletter registration, we store additional data beyond the data already mentioned, insofar as this is necessary so that we can prove that you have ordered our newsletter. This may include the storage of the full IP address at the time of the order or the confirmation of the newsletter, as well as a copy of the confirmation e-mail sent by us. The corresponding data processing is based on your consent according to Art. 6 para. 1 lit. a GDPR or § 25 para. 1 TDDDG. At the end of the newsletter there is an unsubscribe link which you can use to unsubscribe from our mailing list at any time. In addition, you can also unsubscribe by e-mail at info@intershop.de. Insofar as you subscribe to our newsletter, we use the service provider HubSpot Inc, 25 First Street, 2nd Floor, Cambridge, MA 02141 ("HubSpot"), with server location in Europe. We transmit the data you enter to this provider. If you do not consent to the transmission of this data, you should not subscribe to any newsletter. Incidentally, you can unsubscribe from our newsletters at any time using the e-mail address provided when subscribing to the newsletter. Insofar as you have not subscribed to any newsletters or email services, no data will be transmitted either. We have specifically obligated HubSpot by contract to process your data in accordance with European data protection standards, strictly bound by instructions and not for our own purposes, and to comply with the required security standards. Data processing by HubSpot may take place outside the EU or the EEA (in particular in the USA). For this data transfer, an adequate level of data protection is ensured based on the adequacy decision (EU-U.S. Data Privacy Framework). More detailed information on data processing by HubSpot can be found at: https://legal.hubspot.com/privacy-policy. The personal data collected by us for sending the newsletter will be stored until you unsubscribe and then automatically deleted within 24 months, unless we are obliged to store it longer due to retention periods.

4.8 In case of an application

You can apply on our website. Insofar as you apply to us, we use applicant management software from the service provider Personio SE & Co. KG, Seidlstraße 3, 80335 Munich ("Personio"). We have specifically obligated Personio by contract to process your data in accordance with European data protection standards, strictly bound by instructions and not for our own purposes, and to comply with the required security standards. The transfer of personal data to a third country or to an international organization without an adequacy decision will only take place in the presence of appropriate safeguards pursuant to Art. 46 GDPR or if one of the conditions of Art. 49 GDPR is met.
The legal basis for the processing of this data is Art. 6 para. 1 lit. b GDPR and Art. 88 GDPR in conjunction with § Section 26 para. 1 sentence 1 BDSG-new, as the data is required for the decision on the establishment of an employment relationship. We will treat your data as strictly confidential in accordance with the statutory provisions. Your personal data will be accessible to employees in the HR department and will be made available to managers and employee representatives on a case-by-case basis. The provision of all data requested in mandatory fields is required for the application. If you do not provide us with this data, you will not be able to apply for a job with us. If you do not request deletion of your data, your data will be stored for a maximum of 6 months after completion of the application process. If we want to keep your application longer because your profile might match a position that will only be advertised in the future, we will ask for your consent in writing. If you are hired in response to your application, the storage period with regard to your application data is generally based on the purposes of the employment contract in compliance with the applicable commercial, tax and social security retention requirements for personnel data. You can find more detailed information on data processing by Personio at: https://www.personio.de/datenschutz/.

4.9 When registering on our partner portal

You can register as a partner at https://info.intershop.com/partner-portal and take advantage of various partner offers. Our partner portal is operated via the Partner Management Platform from Kiflo (The KIFLO company, a company registered in Paris under number 847 670 262, whose registered office is at 39 Rue de Reuilly, 75012 Paris). To create a customer account, we need your first and last name, employer details, and business email address. This information is collected and processed in accordance with Article 6(1)(b) of the GDPR as part of your registration and use of the partner portal. We only store the necessary data (first name, last name, email address) to create your user account. If you do not arrange for your data to be deleted, your data will remain stored for a maximum of 10 years.

4.10 Data processing for direct advertising

The data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent for direct marketing.
In doing so, we store your e-mail address for sending product information by e-mail or your telephone number in order to use it for contacting you. In addition, we use various data to provide information as individually as possible: Receipt and reading confirmations of e-mails, date and time of your visit to our website, products you have viewed. You can withdraw your consent at any time by sending us a message to this effect to info@intershop.de. All personal data that we process for the purpose of direct marketing will be stored until the withdrawal of consent and in accordance with the law.

4.11 When registering for our online trainings

We offer you the opportunity to register through our website for various online trainings that deal with the use, administration and/or customization of our software. You can register for trainings as an organizer or participant at https://intershopacademy.talentlms.com/catalog/index. Your personal data that you provide to us as part of your registration will be used by us on the basis of Art. 6 (1) lit. b GDPR to process your registration, to send you a weekly notification email, and for the use of trainings or certification exams. If you do not provide us with the data required for registration, you will not be able to use our trainings or certification exams. When you provide us with your personal information, you do so voluntarily. The purpose of collecting your personal information (first and last name, phone number, business email address, payment information: Company name, contact person, company address, email address, phone number, fax) is to identify you and to be able to make an appointment with you for online training or regular training, respectively, and to be able to process your registration for the event. For this purpose, we use the eLearning service TalentLMS from the service provider Epignosis LCC, 315 Montgomery Street, 9th Floor, San Francisco, CA 94104, USA and Epignosis UK LtD, 1 Buckwell Road, Kingsbridge, South Hams, United Kingdom, TQ7 1NQ ("TalentLMS"). We transmit the data you enter to this provider. If you do not consent to the transfer of this data, you should not register for our online training courses. We have specifically obligated Epignosis by contract to process your data in accordance with European data protection standards, strictly bound by instructions and not for our own purposes, and to comply with the required security standards. The transfer of personal data to a third country or to an international organization without an adequacy decision will only take place in the presence of appropriate safeguards according to Art. 46 GDPR or if one of the conditions of Art. 49 GDPR is met. You can find more information on data processing by Epignosis at:
https://www.talentlms.com/privacy. All relevant personal data that you provide to us for the purpose of participating in the online training and, if applicable, associated documents (e.g. commercial letters, invoices) will be stored for a maximum of six to ten years after completion of the training in accordance with legal requirements and regulations.

4.12 Login to the Intershop Service Portal (Service Now)

As a customer or partner, you can register at https://service.intershop.com to submit service requests, report problems or make suggestions for improvements. Detailed information on data protection can be found at https://www.intershop.com/en/privacy-policy/service-portal.

4.13 When registering for a webinar

For the purpose of scheduling, organizing, and holding digital event formats, your personal data, such as your name and e-mail address, will be processed for organizational purposes before the event and, where applicable, for transmitting further information or answering questions about the event. The legal basis for this is the legitimate interest in accordance with point (f) of Art. 6 (1) sentence 1 GDPR in scheduling and holding the digital event properly.

To hold telephone conferences, online meetings, video conferences, and webinars (hereinafter: “online meetings”) we use the tool “Teams” from the US provider Microsoft Corporation. Depending on how and the extent to which “Teams” is used, different types of data are collected and processed. These particularly include personal information (e.g., first name and last name, e-mail address, profile picture), meeting metadata (e.g., date, time, and duration of the communication, name of the meeting, IP address of the participants), text, audio, and video data (e.g., chat records, video and audio playbacks), as well as connection data (e.g., telephone numbers, country names, start and end times, IP addresses).

If you participate in an online meeting as a guest, you will receive a link by e-mail from the host. When you log in to the online meeting, you must enter your name and, if necessary, your e-mail address. As a participant, you can participate in meetings directly via the browser without installing the Teams app. The same applies if holding the online meeting is necessary to take steps at your request prior to entering into a contract. The tool also collects user data that are required to provide the available services and for technical and operational support and to make improvements. These particularly include technical data about your devices, your network, and your internet connection, such as IP address, MAC address, other device IDs, device type, operating system type and version, client version, camera type, microphone and speaker, or type of connection. The legal basis for this is the legitimate interest in accordance with point (f) of Art. 6 (1) sentence 1 GDPR in scheduling and holding the digital event properly.

It is necessary to provide the data stated above to log in and participate in the meeting. Failure to do so means you cannot participate.

You may enter additional personal data, but this is not required. Furthermore, you can use the chat, Q&A, or poll functions during the online meeting. You can also switch the camera on and off and mute the microphone yourself.

If you use the chat, Q&A, or poll function, the text you have entered will be processed in order to show and, where necessary, log this in the “online meeting.” If you switch on your camera or your microphone, the data from the microphone of your end device as well as any camera of the end device will be processed for the duration of the meeting. At the beginning of online meetings, your camera and microphone are always switched off as standard. Please note that all information that you or others upload, make available, or create during the meeting will be processed, at least for the duration of the meeting. This particularly includes chat/instant messages, files, whiteboards, and other information that is shared while the service is being used.

More information on the processing of your data when using “Teams” is available at: https://privacy.microsoft.com/en-US/privacystatement.

Storage duration/criteria for determining the storage duration

We only process your data as long as this is necessary for the purposes for which they were collected. After, your data will be erased, unless they are necessary for the establishment, exercise, or defense of legal claims. In the event of legal retention obligations, data may only be erased after the respective retention obligation expires.

Your data will generally be erased at the end of the event. Tax data are generally stored for 10 years based on legal retention periods.

The following storage and erasure durations apply to the data processed in Teams:

  • All user account data will generally be erased once the service has stopped being provided.
  • If you as a user have a user account, you can fully erase your user profile, including the data stored there about you, at any time.
  • Administrators in the controller’s account can fully erase the user profile of any user, including the data stored there, at any time.
  • Media sent between participants in a meeting room are not stored.
  • Audio and video contents are processed in the stream and are not stored.
  • Chat messages are not permanently stored.
  • Technical logs/diagnostic information that have been stored are erased or anonymized after max. 90 days.

Recipients of your data

We generally do not transmit your data to third parties. Data will only be passed on if they are specifically intended to be passed on, you have given your prior express consent to the transfer, or we are obliged or entitled to pass on the data based on legal provisions. Data may be passed on, for example, to other companies of the corporate group for the purposes of event management or as part of IT services.

Microsoft Ireland Operations Ltd and the Microsoft Corporation as the service provider and (sub) processor within the meaning of Art. 28 GDPR support us when processing your data and are strictly subject to our instructions. We cannot rule out your data being processed in third countries outside the EU or the EEA. For this data transfer, an adequate level of data protection is ensured by entering into the EU Standard Contractual Clauses and supplementary measures unless there is an adequacy decision within the meaning of Art 45 (3) GDPR for the third country involved.

5. Processing of personal data (indirect collection) - cookies & co.

You may revoke all consents to the use of your personal data that you have given us, in whole or for individual processing operations, free of charge. The lawfulness of the processing carried out on the basis of the consent until the revocation is not affected by the revocation. If you wish to exercise your right of revocation, please click on the word "Cookies" in the footer to call up the cookie banner again.

In the event of a revocation of your consent, the technically unnecessary cookies will be deleted. Please note that after a revocation, you must manually delete the technically necessary cookies created up to this point in your browser software settings. New cookies will no longer be set for the deselected category from the time of revocation. In order to make visiting our website attractive and to enable the use of certain functions (e.g. increasing user-friendliness, readability, arrangement of content, delivery of individualized content and functions), we use so-called cookies. These are small text files that are stored on your terminal device. The data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). We use so-called "first-party cookies", which are set by us as the responsible party, as well as "third-party cookies", which are used by other providers. The general duration of the storage of your data depends on the purposes pursued with the storage. In principle, we delete your personal data when we no longer need it to achieve the purpose pursued with the storage, unless a deletion conflicts with legal retention periods. You can find more information on the storage period in the respective sections of this data protection notice.

5.1 Strictly Necessary Cookies

These cookies are necessary for you to navigate the website and use its features, for example, to set your privacy preferences, log in or fill out forms. Without these cookies, the services you request through the Website cannot be properly provided. Strictly necessary cookies do not require user consent under applicable law. You may configure your web browser to block even strictly necessary cookies, but you may then not be able to use the Website in the manner intended. The legal basis for cookies that are absolutely necessary to provide you with the service you expressly requested is Section 25 (2) No. 2 TDDDG.

Name Expiration Provider Description Category
__cfruid Session blog.intershop.com, info.intershop.com, revenueriver.co This cookie is part of the Cloudflare services - including load balancing, provision of website content and provision of a DNS connection for website operators. Third Party
__cf_bm[x5] Session blog.intershop.com,  info.intershop.com,.vimeo.com,
.zoominfo.com
Cookie for Cloudflare bot products. Cloudflare's bot products identify and mitigate automated traffic to protect your site from bad bots. Cloudflare places the __cf_bm cookie on End User devices that access Customer sites that are protected by Bot Management or Bot Fight Mode. The __cf_bm cookie is necessary for the proper functioning of these bot solutions. Third Party
hofff_contao_consent_xx local storage intershop.com. This cookie stores your cookie settings for this website. First Party
hs_ab_test Session info.intershop.com
Hubspot
This cookie is used by the website operator in connection with tests with several variations. First Party
test_cookie 1 day doublecklick.net Used to check whether the user's browser supports cookies. Third Party
AEC 6 months .google.com This cookie ensures that requests within a browser session are made by the user and not by other websites. Third Party
PHPSESSID Session www.intershop.com Set to provide cross-page functions. First Party
csrf_https-contao_csrf_token Session www.intershop.com Using the CSRF token cookie, Contao now tries to detect the hacker's attack and thus prevents a CSRF attack. First Party

5.2 Integration of streaming content - cookies

On our websites, we embed videos that are not stored on our servers. To ensure that calling up our web pages with embedded videos does not automatically lead to content from the third-party provider being reloaded, we only display locally stored preview images of the videos in a first step. This does not provide the third-party provider with any information. Only after a click on the thumbnail, the content of the third-party provider is loaded. This provides the third-party provider with the information that you have accessed our site as well as the usage data technically required in this context. In addition, the third-party provider is then able to implement tracking technologies. We have no influence on the further data processing by the third-party provider. By clicking on the preview image, you give us permission to reload content from the third-party provider. The embedding is based on your consent, provided that you have given your consent by clicking on the preview image. Please note that the embedding of many videos leads to your data being processed outside the EU or EEA (in particular the USA). There is a risk here that authorities may access the data for security and monitoring purposes without you being informed or having legal recourse. Where we use providers in insecure third countries and you consent, the transfer to an insecure third country is based on Article 49(1)(a) of the GDPR.

Youtube

On our website, we use plug-ins from the provider YouTube. YouTube is operated by YouTube LLC with headquarters at 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Inc. with headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you call up the Internet pages of our website that are provided with such a plugin, a connection is established to the YouTube servers and the plugin is displayed. This transmits to the YouTube server which of our Internet pages you have visited. If you are logged in as a member of YouTube, YouTube assigns this information to your personal user account. When using the plug-in, such as clicking on the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your YouTube user account as well as other user accounts of the companies YouTube LLC and Google Inc. before using our website and deleting the corresponding cookies of the companies. The consent for "YouTube" also includes the consent to a possible transfer of data to the USA. The USA is classified by the European Court of Justice as a country without an adequate level of data protection and without appropriate guarantees according to EU standards. In particular, there is a risk that your personal data may be processed by U.S. authorities for control and monitoring purposes, possibly also without the possibility to prevent access to data by means of a legal remedy or to have the illegality of the access established. In addition, there can be no assurance that your data subject rights can be fully implemented and supervisory authorities in the U.S. will take appropriate remedial action. The use of "YouTube" requires the third country transfer. If you do not wish to consent to the third country transfer, you must deselect "YouTube". Further information on data processing and notes on data protection by YouTube (Google) can be found at
https://www.google.de/intl/de/policies/privacy/.

Name Expiration Provider Description Category
SOCS 13 months google.com
youtube.com
Stores the user's cookie choice Third Party
CONSENT 13 months google.com
youtube.com
Stores the user's cookie choice Third Party
VISITOR_INFO1_LIVE 6 months youtube.com Used to detect and fix problems with the service. Third Party
AEC 6 months google.com This cookie ensures that requests within a browser session are made by the user and not by other websites. Third Party
YSC 6 months youtube.com Stores and tracks interactions. Third Party

Vimeo

For our online marketing activities, we use the video integration of Vimeo on our websites. The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner. This is operated by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA. When an embedded Vimeo video is called up on your website, the user's browser connects to the Vimeo servers. This results in a data transmission. This data is collected, stored and processed on the Vimeo servers, regardless of whether the user has a Vimeo account. These actions may be tracked and stored by Vimeo using cookies and similar technologies. The consent for "Vimeo" also includes the consent to a possible transfer of the data to the USA. The USA is classified by the European Court of Justice as a country without an adequate level of data protection and without appropriate safeguards according to EU standards. In particular, there is a risk that your personal data may be processed by U.S. authorities for control and monitoring purposes, possibly also without the possibility of using a legal remedy to prevent access to data or to have the illegality of the access established. In addition, there can be no assurance that your data subject rights can be fully implemented and supervisory authorities in the U.S. will take appropriate remedial action. The use of "Vimeo" requires the third country transfer. If you do not wish to consent to the third country transfer, you must deselect "Vimeo".

Name Expiration Provider Description Category
player 5 months .vimeo.com This cookie saves your settings before you play an embedded Vimeo video. This means that the next time you watch a Vimeo video, your preferred settings will be returned to you. Third Party
vuid 20 days .vimeo.com This cookie collects information about your actions on websites that have embedded a Vimeo video. Third Party
__cf_bm Session .vimeo.com The *__cf_bm* cookie for Cloudflare bot products. Cloudflare bot products identify and combat automated traffic to protect your site from malicious bots. Cloudflare places the __cf_bm cookie on end-user devices accessing customer websites protected by Bot Management or "Bot Fight" mode. The __cf_bm cookie is required for these bot solutions to function properly. Third Party

5.3 Integration of external content - cookies

Typeform

For our online marketing activities, we use Typeform on our websites and in our emails to conduct surveys. The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner.
For this purpose, we use the service provider Typeform S.L., Carrer de Bac de Roda 163, 08018 Barcelona, Spain ("Typeform").

We have given Typeform a special contractual obligation to process your data in accordance with European data protection standards, strictly bound by instructions and not for our own purposes, while complying with the required security standards. When you access a web page with a Typeform plug-in or a link to a survey, you will be redirected to the survey. By filling out a survey, the user's IP address, information about the time and duration of the survey, and the information provided by the user in the survey are transferred to Typeform. If you do not want your data to be processed by Typeform, you should not participate in surveys and should not fill out forms marked accordingly. Data from surveys may be statistically evaluated by us and processed and used for marketing purposes. Of course, the data is anonymized for this purpose, so that no conclusions can be drawn about individuals. Typeform automatically deletes the personal data after 24 months. You can find more information on data processing by Typeform at: https://admin.typeform.com/to/dwk6gt.

Name Expiration Provider Description Category
attribution_user_id 1 year typeform.com Used in context with the website’s pop-up questionnaires and messengering. The data is used for statistical or marketing purposes. Third Party
tf_respondent_cc 6 months typeform.com Used to implement forms on the website. Third Party
AWSALBTGCORS 7 days typeform.com Captures which server cluster is serving the visitor. This is used in the context of load balancing to optimize the user experience. Third Party

5.4 Statistical/Tracking and Performance Cookies

These cookies collect information about the use of the website, e.g. which pages are visited most often and how visitors move around the website. They are intended to help us improve the usability of the website and thus the user experience.

If you agree to a tracker (Google Analytics, Leadfeeder, Pardot, Zoominfo) in the cookie banner, you also agree to the use of the "Google Tag Manager" at the same time. Google Tag Manager is a utility service and takes care of loading other components, which in turn may collect data. Data processing may also take place outside the EU or EEA with regard to Google. For more information, please refer to "5.5 Other tools - Google Tag Manager" (insert link to section).

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc ("Google"), for web analytics. The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner. We have concluded an order processing agreement with Google. Data processing by Google Analytics may take place outside the EU or the EEA (in particular in the USA). For this data transfer, an adequate level of data protection is ensured due to the adequacy decision (EU-U.S. Data Privacy Framework).
Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link (https://tools.google.com/dlpage/gaoptout?hl=de). For more information on terms of use and data protection, please visit https://www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/. We would like to point out that on this website Google Analytics has been extended by the code "anonymizeIp" to ensure anonymized collection of IP addresses (so-called IP masking). Our interests lie in the analysis, optimization and economic operation of our website. The personal data is automatically deleted in Google Analytics after 26 months.

Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google Inc ("Google"), for web analytics. The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner. We have concluded an order processing agreement with Google. Data processing by Google Analytics 4 may take place outside the EU or the EEA (in particular in the USA). For this data transfer, an adequate level of data protection is ensured based on the adequacy decision (EU-U.S. Data Privacy Framework).
Google Analytics 4 uses "cookies", which are text files placed on your computer, to help the website and apps analyze how users use the site. The information generated by the cookie about your use of this website or apps is usually transmitted to a Google server in the USA and stored there. IP anonymization is activated here by default and your IP address will be truncated by Google beforehand by the last 3 digits within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. . On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, including through the use of artificial intelligence and machine learning, compiling reports on website activity (by collecting device information such as device type, browser type, operating system and screen resolution to the devices, geographical information such as location, language and country and a user behavior across multiple devices) and providing other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics 4 will not be merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link (https://tools.google.com/dlpage/gaoptout?hl=en). For more information on terms of use and data protection, please visit https://www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/. We would like to point out that on this website Google Analytics 4 has been extended by the code "anonymizeIp" to ensure anonymized collection of IP addresses (so-called IP masking). Our interests lie in the analysis, optimization and economic operation of our website. The personal data is automatically deleted in Google Analytics 4 after 14 months.

Name Expiration Provider Description Category
DV 1 day www.google.com To provide advertising or retargeting. Third Party
NID 3 months .google.de The cookie is used to display Google ads in Google services for logged out users. Third Party
_ga 14 months Google Google Analytics tracking - distinguishing visitors. Third Party
_gat 1 day Google Used by Google Analytics to throttle the request rate. Third Party
_gid 1 day Google Registers a unique ID that is used to generate statistical data about how the visitor uses the website. Third Party
_gat_UA-2576504-4 1 day Google Google Analytics Tracking - contains the unique Google Analytics account. Third Party
_ga_V24ZXYZ15Y 14 months Google Google Analytics 4 Tracking - contains the unique Google Analytics account. Third Party
_gat_UA-169405444-1 1 day Google Google Analytics Tracking - contains the unique Google Analytics account. Third Party
_gat_UA-2576504-19 1 day Google Google Analytics Tracking - contains the unique Google Analytics account. Third Party
OTZ 25 days google.com Google uses cookies such as the OTZ cookies to customize ads on Google properties, such as Google Search. Third Party
_Secure-ENID 390 days google.com Used by Google to secure digitally signed and encrypted data from the unique Google ID and store the last login time, which Google uses to identify visitors, prevent fraudulent use of login data, and protect visitor data from unauthorized parties. This can also be used for targeting purposes to display relevant and personalized advertising content. Third Party
AEC 6 months google.com Used by Google to ensure that requests within a browser session are made by the user and not by other websites. Third Party
SOCS 13 months google.com Stores the user's cookie choice Third Party
CONSENT 13 months google.com Stores the user's cookie choice Third Party

Matomo

This website uses Matomo without cookies to analyze data directly and without the help of third parties. The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner. Processed personal data: Tracker; Usage Data. "Matomo" is an open source software that enables statistical evaluations on our website, in particular about visitor numbers, page views, downloads and previously visited websites, as well as to measure the success of entries in search engines. The evaluated information and statistics are processed exclusively on our own web servers and in our databases. The "Matomo" tool uses technologies such as tracking pixels and fingerprinting to collect, analyze and categorize information generated by the user's device about the use of our website and interactions with our website as well as access data - in particular the IP address, browser information, the website previously visited and the date and time of the server request - for the purpose of statistical evaluation and measuring the reach of advertisements in search engines. We use "Matomo" with the extension "AnonymizeIP", i.e. IP addresses are shortened before further processing in order to make it more difficult to refer to a person. More information on terms of use and data protection can be found at https://matomo.org/privacy/ . The collected data is automatically deleted after 24 months.

Leadfeeder

For the analysis of visitors to our websites, we use the service provider Liidio OY, Mikonkatu 17 C, 00100, Helsinki, Finland ("Leadfeeder"). The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner. We have given Leadfeeder a special contractual obligation to process your data in accordance with European data protection standards, strictly bound by instructions and not for our own purposes, while complying with the necessary security standards. Leadfeeder collects the IP address of the visitor to identify the company and the geographical location. The personal data is automatically deleted in Leadfeeder after 24 months. For more information on data processing by Leadfeeder, please visit: https://www.leadfeeder.com/privacy/.

Name Expiration Provider Description Category
_lfa 12 months Leadfeeder (https://www.leadfeeder.com/cookies-and-tracking/) To store and track the reach of the target audience. Third Party
_lfa_expiry Persistent Leadfeeder Enthält das Verfallsdatum für das Cookie mit entsprechendem Namen. local storage

ZoomInfo

We use "WebSights" from ZoomInfo Technologies, 805 Broadway St Suite 900 Vancouver, Washington 98660, USA ("WebSights"). The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner. ZoomInfo provides a business-to-business data platform used by sales and marketing teams. "Websights" is a feature that attempts to match a website visitor's IP address with an IP address of a profiled company in the ZoomInfo platform. These IP addresses are only matched if it is a known company address and cannot be associated with an individual person. Non-matching personal IPs are rejected by the app. Processing is done on our behalf and in accordance with our instructions. WebSights tracks the activity of visitors and potential customers on the Website and landing pages by setting cookies on visitors' browsers. Cookies are set to remember preferences (such as form field values) when a visitor returns to your website. Data processing by ZoomInfo may take place outside the EU or the EEA (in particular in the USA). For these data transfers, an adequate level of data protection is ensured based on the adequacy decision (EU-U.S. Data Privacy Framework). For information about how ZoomInfo uses your personal data, please see the Privacy Policy: Privacy Policy (zoominfo.com).

Name Expiration Provider Description Category
visitorld 1 year .ws.zoominfo.com This is how WebSights identifies returning visitors. Third Party
_cfuvid Session .zoominfo.com This cookie is part of the services provided by Cloudflare - including load balancing, website content delivery, and providing DNS connections for website operators. Thirst Party
_cf_bm 1 day .zoominfo.com This cookie is used to distinguish between humans and bots. This is beneficial for the website to generate valid reports about the usage of its website. ThirstParty

G2 Track Your Prospects

This website uses Track Your Prospects, a service of the peer-to-peer evaluation platform G2 Crowd, Inc. located at 20 N. Wacker Dr., Suite 1800, Chicago, IL 60606, United States ("G2"). The data processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or § 25 para. 1 TDDDG, provided that you have given your consent via our cookie banner. This enables us to analyze how our G2 account influences the behavior of our visitors by integrating the JavaScript code in Google Tag Manager, which is integrated into all our websites. G2 stores a cookie on the visitor's device to track them as they navigate between our website and our G2 profile. If the visitor does not do this manually, the data and the cookie are deleted after 14 days. G2 cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. Processing is carried out on our behalf and in accordance with our instructions. Data processing by G2 may take place outside the EU or the EEA (in particular in the USA). An adequate level of data protection is guaranteed for this data transfer on the basis of the adequacy decision (EU-U.S. Data Privacy Framework). Information on how G2 uses your personal data can be found in the Privacy Policy https://legal.g2.com/privacy-policy.

Name Expiration Provider Description Category
_session_id 14 days tracking.g2crowd.com Track Your Prospects creates a client-side, bidirectional cookie that persists for 14 days after a visitor’s most recent activity. This period resets each time a visitor lands on your website or on your G2 product profile page. Third Party
_cf_bm session g2crowd.com This cookie is used to distinguish between humans and bots. This is beneficial for the website to generate valid reports about the usage of its website. ThirstParty

5.5 Statistical Analysis, Personalized Advertising and Reach Measurement

Targeting or advertising cookies are used to display advertisements on third-party websites that are more relevant to the user and their interests. They are also used to limit the frequency of appearance of an advertisement and to measure and control the effectiveness of advertising campaigns. The legal basis for the processing of personal data that may be processed with the help of marketing cookies is the user's consent in accordance with Art. 6 (1) p. 1 lit. a GDPR or Section 25 (1) TDDDG, if you have given your consent via our cookie banner.

If you agree to a tracker in this category in the cookie banner , you also agree to the use of the "Google Tag Manager" at the same time. Google Tag Manager is a utility service and takes care of loading other components, which in turn may collect data. Data processing may also take place outside the EU or EEA with respect to Google. For more information, please refer to "5.6 Other tools - Google Tag Manager".

Adwords

We use conversion tracking for targeted advertising of our offer. If you click on an ad placed by Google, the conversion tracking we use saves a cookie on your terminal device. These so-called conversion cookies lose their validity after 30 days and do not serve to identify you personally. If the cookie is still valid and you visit a specific page of our website, both we and Google can evaluate that you have clicked on one of our ads placed on Google and that you have subsequently been redirected to our website. Google uses the information obtained in this way to provide us with statistics about visits to our website. In addition, this provides us with information about the number of users who clicked on our ad(s) and about the pages of our website that were subsequently accessed. However, neither we nor third parties who also use Google AdWords are able to identify you in this way.

Recipient: Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin 4, Ireland

Third country transfer: Data processing by Google may take place outside the EU or the EEA (in particular in the USA). For this data transfer, an adequate level of data protection is ensured based on the adequacy decision (EU-U.S. Data Privacy Framework).

Name Expiration Provider Description Category
IDE 1 year .doubleclick.net Contains a randomly generated user ID. Based on this ID, Google can recognize the user across different websites and display personalized advertising. Third Party
_gcl_au 90 days google.com Stores and tracks conversions Third Party

LinkedIn

This website uses the LinkedIn button for the LinkedIn social networking service operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”). The LinkedIn button features the white LinkedIn logo (“in”). When you click on the LinkedIn button on one of our website pages, your browser will create a direct link to the LinkedIn servers. The plugin content is then transferred directly from LinkedIn to your browser and integrated into the page. This informs LinkedIn that your browser has visited the respective page on our website. If you are signed in to your LinkedIn account at the same time, LinkedIn will associate your visit to our website with your LinkedIn account. If you do not want LinkedIn to associate this information with your LinkedIn account, you should sign out of LinkedIn before visiting our website. For information on the purpose and scope of data collection and processing by LinkedIn, please refer to LinkedIn’s privacy policy (https://www.linkedin.com/legal/privacy-policy) and user agreement (https://www.linkedin.com/legal/user-agreement). We have entered into a data processing agreement with LinkedIn as joint controllers, which sets out the distribution of data protection obligations between us and LinkedIn. You can view the agreement at the following link: https://legal.linkedin.com/pages-joint-controller-addendum .

Name Expiration Provider Description Category
lang Session linkedin.com Used to save a user's language setting so that LinkedIn.com is displayed in the language the user has selected in their settings. Third Party
li_gc 2 years linkedin.com Used to store guests' consent to the use of cookies for non-essential purposes. Third Party
bcookie 1 year linkedin.com Browser identifier cookie to uniquely identify devices accessing LinkedIn for platform abuse and diagnostic purposes. Third Party
lidc 1 day linkedin.com This cookie provides for the selection of the data center. Third Party
PLAY_LANG Session linkedin.com Used by some LinkedIn services to remember a user's language preference. Third Party
li_alerts 1 year linkedin.com Used to track impressions of LinkedIn notifications, such as the cookie banner, and to implement cool down periods for displaying notifications. Third Party
JSESSIONID Session linkedin.com Used to protect against Cross Site Request Forgery (CSRF) and validate URL signatures. Third Party
ln_or 1 day linkedin.com
intershop.com/ blog.intershop.com
Used to determine whether Oribi analyses can be performed for a particular domain. Third Party
AnalyticsSyncHistory 30 days .linkedin.com Used to store information about the time a sync took place with the lms_analytics cookie. Third Party
UserMatchHistory 30 days .linkedin.com Used for id sync process. It stores the last sync time to avoid repeating the syncing process in a frequent manner. Third Party
bscookie 1 year www.linkedin.com Used for remembering that a logged in user is verified by two factor authentication and has previously logged in. Third Party
li_sugr 2 days .linkedin.com Used to make a probabilistic match of a user's identity outside the Designated Countries. Third Party

Hotjar

To improve the user experience on our websites, we use Hotjar, which is essentially a tracking code-based web analytics service provided by Hotjar Ltd ("Hotjar") (https://www.hotjar.com, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta, Europe). The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner. With Hotjar it is possible to measure and evaluate the usage behavior (clicks, mouse movements, scroll heights, etc.) on our website. Hotjar uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. In order to exclude a direct personal reference, IP addresses are only stored and processed anonymously. In addition, information on the operating system, browser, incoming and outgoing references (links), geographical origin, as well as resolution and type of device are evaluated for statistical purposes. This information is not personal and will not be passed on to third parties by us or by Hotjar. If you do not want recording, you can disable it on all websites that use Hotjar by setting the DoNotTrack header in your browser. For more information, please visit: https://www.hotjar.com/de/legal/policies/do-not-track/.

Name Expiration Provider Description Category
_hjid Persistent Hotjar Sets a unique ID for the session. This allows the website to obtain data about visitor behavior for statistical purposes. Third Party
_hjTLDTest Session Hotjar Registers statistical data about visitors' behavior on the website. Used by the webmaster for internal analysis. Third Party
_hjFirstSeen 1 day Hotjar This cookie is used to determine whether the visitor has visited the website before or whether the visitor is a new visitor to the website. Third Party
_hjAbsoluteSessionInProgress 1 day Hotjar This cookie is used to recognize the first page view of a user. This is a true/false flag set by the cookie. Third Party
_hjIncludedInPageviewSample 1 day Hotjar This cookie is set to tell Hotjar whether this user is included in the data sample defined by your website's page view limit. Third Party
_hjSessionUser_{site_id} 1 year Hotjar Set when a user first lands on a page. Persists the Hotjar User ID which is unique to that site. Hotjar does not track users across different sites.
Ensures data from subsequent visits to the same site are attributed to the same user ID.
Third Party
_hjSession_{site_id} 30 minutes Hotjar Holds current session data.
Ensures subsequent requests in the session window are attributed to the same session.
Third Party

5.6 Other tools (e.g. social plug-ins)

Consent-Management-Platform Contao Consent (hofff/contao-consent)

To request consent for the processing of your terminal information and personal data via cookies or other tracking technologies on our website, we use the consent tool "Contao Consent" (hofff/contao-consent). Using "Contao Consent", you have the possibility to consent or refuse the processing of your end device information and personal data using cookies or other tracking technologies for the purposes listed in "Contao Consent". Such processing purposes may include the integration of external elements, integration of streaming content, statistical analysis, reach measurement and personalized advertising. You can use "Contao Consent" to grant or deny your consent for all processing purposes or to grant or deny your consent for individual purposes or individual third-party providers. The settings you have made can also be changed by you afterwards. The purpose of integrating "Contao Consent" is to allow the users of our website to decide whether to set cookies and similar functionalities and to offer the possibility to change settings already made in the course of further use of our website. In the course of using "Contao Consent", personal data as well as information of the end devices used are processed by us. No data is sent to a third-party provider. The information about the settings you have made is stored decentrally in your end device. The legal basis for the processing is Art. 6 (1) sentence 1 lit. c GDPR in conjunction with Art. 7 (1) GDPR, insofar as the processing serves to fulfill the legally standardized obligations to provide evidence for the granting of consent. Otherwise, Art. 6 (1) sentence 1 lit. a GDPR or Section 25 (1) TDDDG is the relevant legal basis. After twelve months after the user settings have been made, the consent will be queried again. The user settings made will then be stored again for this period, unless you yourself delete the information about your user settings in the terminal device capacities provided for this purpose beforehand.

Google Tag Manager

We use the "Google Tag Manager" from "Google" (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001) on our website. "Google Tag Manager" is a solution that allows website tags and other third-party elements to be managed through one interface. The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner.

On the for one, an http request is sent to Google when the website with Google Tag Manager is called up. We use the Google Tag Manager for the purpose of facilitating electronic communication by transferring information to third-party providers via programming interfaces, among other things. In the Google Tag Manager, the respective tracking codes of the third-party providers are implemented without us having to make any elaborate changes to the source code of the website ourselves. Instead, the integration is carried out by a container that places a so-called "placeholder" code in the source code. In addition, the Google Tag Manager allows us to exchange the data parameters of the users in a certain order, in particular by ordering and systematizing the data packets. The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner. Data processing by Google Tag Manager may take place outside the EU or the EEA (in particular in the USA). For this data transfer, an adequate level of data protection is guaranteed based on the adequacy decision (EU-U.S. Data Privacy Framework). Further information on data protection at "Google" can be found at: https://www.google.de/intl/de/policies/privacy.


On the other, third-party tags such as tracking codes or counting pixels are installed on our website by the Google Tag Manager. The tool triggers other tags, which in turn collect your data; we will inform you about this separately in this privacy policy. An evaluation of the end device information and personal data of the users collected by the tags does not take place through the Google Tag Manager itself. Rather, your data is forwarded to the respective third-party service for the purposes stated in our consent management tool. We have aligned Google Tag Manager with our consent management tool in such a way that the triggering of certain third-party services in Google Tag Manager is made dependent on your selection in our consent management tool, so that only those third-party tags trigger data processing for which you have given consent. Use of Google Tag Manager is covered by consent for the relevant third-party service. Data processing by Google may take place outside the EU or the EEA (in particular in the USA). For this data transfer, an adequate level of data protection is ensured based on the adequacy decision (EU-U.S. Data Privacy Framework). The legal basis for the transfer to the U.S. is your consent pursuant to Art. 49 (1) lit. a GDPR. The storage period of your data can be found in the following descriptions of the individual third-party services.
You can revoke your consent to the use of your personal data that you have given us. in total or for individual processing operations free of charge. The legality of the processing carried out on the basis of the consent until the revocation is not affected by the revocation. If you wish to exercise your right of revocation, please click on the word "Cookies" in the footer to call up the cookie banner again.

Consent banner

If you revoke your consent, the technically unnecessary cookies will be deleted. Please note that after a revocation, you must manually delete the technically necessary cookies created up to this point in your browser software settings. New cookies will no longer be set for the deselected category from the time of revocation.

Facebook Social

This website uses so-called social plug-ins ("plug-ins") of the social network Facebook, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook").
The data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner.
The plug-ins are marked with a Facebook logo or the addition "Social Plug-In from Facebook" or "Facebook Social Plug-In". You can find an overview of the Facebook plug-ins and their appearance here: https://developers.facebook.com/docs/plugins. When you call up a page of our website that contains such a plug-in, your browser establishes a direct connection to Facebook's servers. The content of the plug-in is transmitted by Facebook directly to your browser and integrated into the page. Through this integration, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there. If you are logged in to Facebook, Facebook can directly assign your visit to our website to your Facebook profile. If you interact with the plug-ins, for example by clicking the "Like" button or posting a comment, this information is also transmitted directly to a Facebook server and stored there. The information will also be published on your Facebook profile and displayed to your Facebook friends. Facebook may use this information for the purposes of advertising, market research and demand-oriented design of the Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you via Facebook, to inform other Facebook users about their activities on our websites and to provide other services associated with the use of Facebook. If you do not want Facebook to directly assign the data collected via our website to your Facebook profile, you must log out of Facebook before visiting our website. Data processing by Facebook may take place outside the EU or the EEA (in particular in the USA). For this data transfer, an adequate level of data protection is guaranteed based on the adequacy decision (EU-U.S. Data Privacy Framework). For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to Facebook's privacy policy: https://www.facebook.com/policy.

Twitter plug-ins (now "X")

Our website uses so-called social plug-ins ("plug-ins") of the microblogging service Twitter (now "X"), which is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner. The plug-ins are marked with a Twitter / X logo for example in the form of a blue "Twitter bird"/ X logo for example in the form of a white X on a black background. An overview of the Twitter / X plug-ins and their appearance can be found here: https://about.twitter.com/en_us/company/brand-resources.html. When you call up a page of our website that contains such a plug-in, your browser establishes a direct connection to the Twitter / X servers. The content of the plug-in is transmitted by Twitter / X directly to your browser and integrated into the page. Through the integration, Twitter / X receives the information that your browser has called up the corresponding page of our website, even if you do not have a profile on Twitter or are not currently logged in to Twitter. This information (including your IP address) is transmitted by your browser directly to a server of Twitter / X in the USA and stored there. Consent to Twitter / X also includes consent to the transfer of data to the U.S. without an adequate level of data protection and without appropriate safeguards (lack of enforceability of the rights of data subjects and possible disproportionate access by government authorities to user data). The use of Twitter / X requires the transfer to third countries. If you do not want to consent to the transfer to third countries, you must deselect Twitter / X. If you are logged in to Twitter / X, Twitter / X can directly assign the visit to our website to your Twitter / X account. If you interact with the plug-ins, for example, press the "Twitter / X" button, the corresponding information is also transmitted directly to a server of Twitter / X and stored there. The information will also be published on your Twitter / X account and displayed there to your contacts. For the purpose and scope of the data collection and the further processing and use of the data by Twitter / X, as well as your rights in this regard and setting options for protecting your privacy, please refer to the privacy policy of Twitter / X: https://twitter.com/privacy. If you do not want Twitter / X to assign the data collected via our website directly to your Twitter account, you must log out of Twitter / X before visiting our website.

Xing

We would like to inform you here about the processing of personal data via the XING Share button function. The "XING Share button" is used on this website. The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a GDPR or § 25 para. 1 TDDDG, if you have given your consent via our cookie banner. When you access this website, a connection is briefly established via your browser to servers of XING SE ("XING"), with which the "XING Share Button" functions (in particular the calculation/display of the counter value) are provided. XING does not store any personal data about you when you call up this website. In particular, XING does not store any IP addresses. There is also no evaluation of your usage behavior via the use of cookies in connection with the "XING Share Button". The current data protection information on the "XING Share button" and supplementary information can be found on this website: https://www.xing.com/app/share?op=data_protection.

6. Rights of the person concerned

You have the following rights regarding your data processed by us:

  • the right to information about your personal data stored by us according to Art. 15 GDPR;
  • if applicable, the right to have inaccurate or incomplete personal data stored by us corrected in accordance with Art. 16 GDPR;
  • the right to have your personal data stored by us deleted and forgotten in accordance with Art. 17 GDPR;
  • the right to restriction or blocking of the processing of your personal data according to Art. 18 GDPR;
  • if applicable, the right to data portability according to Art. 20 GDPR;
  • the right to object to the processing of your personal data pursuant to Art. 21 GDPR;
  • the right to revoke consent given, if applicable, pursuant to Art. 7 (3) GDPR;
  • the right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR.

If you have any further questions regarding the processing of your personal data or the exercise of any of the rights available to you, please send us an email at DatenschutzBeauftragter@intershop.de