Data protection declaration

Privacy Policy of Alcedis GmbH


I General information on data protection


1 Data protection


We are pleased that you have expressed interest in us by visiting our online offering. As the operator of this site, Alcedis GmbH takes the responsibility of protecting your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations.


This Privacy Policy explains the nature, scope, and purpose of the processing of personal data (hereinafter referred to as “data”) within our online offering and the associated functions and content. With regard to the terms that are used, including “personal data”, “processing” or “Controller,” we refer to the definitions provided in Art. 4 GDPR.


Alcedis GmbH has implemented numerous technical and organizational measures as the Controller that is responsible for the processing of personal data in order to ensure that all personal data processed via this website is protected as completely as possible. Please note that data transmitted via the Internet (e.g., via email communication) may be subject to security breaches. Therefore, we cannot totally guarantee that third parties will not access data.


2 Controller


The Controller within the meaning of the GDPR and other national data protection laws and regulations is:


Alcedis GmbH

Winchesterstr. 3

35394 Gießen

Phone: +49 641-94436-0

Fax: +49 641-94436-70



Management: Dr. Elke Heidrich-Lorsbach, Mr. Michael Lorsbach,

Mr. Hanno Härtlein



3 Data Protection Officer


The Data Protection Officer of the Controller is:


Maxim Fink

Gds Gesellschaft für Datenschutz Mittelhessen mbH

Auf der Appeling 8

35043 Marburg


Phone.: +49 6421 80413 10




II General information on data protection


1 Scope of personal data processing


We collect and process the personal data of our website visitors only to the extent necessary for the provision of a functioning website and our content and services.


2 Legal basis for processing personal data


In accordance with Art. 13 GDPR, we hereby inform you of the legal basis for data processing. Unless another legal basis is stated in the Privacy Policy, the following applies:


Insofar as the processing of personal data is based on the consent of the data subject, Art. 6 (1) (a) GDPR acts as the legal basis.


When processing personal data that is necessary for the fulfillment of an Agreement to which the data subject is a party, Art. 6 (1) (d) GDPR acts as the legal basis. This also applies to processing operations that are necessary for carrying out precontractual measures.


Insofar as the processing of personal data is necessary to fulfill a legal obligation to which the Controller is subject, Art. 6 (1) (c) GDPR serves as the legal basis.


In the event that the vital interests of the data subject or another natural person necessitate the processing of personal data, Art. 6 (1) (d) GDPR acts as the legal basis.


If processing is necessary to safeguard a legitimate interest of the Controller or a third party, and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) (f) GDPR acts as the legal basis for the processing.



3 Data deletion and storage period


The personal data of the data subject shall be deleted or its processing shall be restricted as soon as the purpose for the processing no longer applies. Furthermore, data may be processed if so provided under EU or national laws or other provisions to which the Controller is subject. The restriction or erasure of data will be carried out even if the storage period prescribed by the above-mentioned standards expires, unless data storage is a necessity for concluding or carrying out an agreement.



III Provision of the website and creation of log files


1 Description and scope of data processing


Every time you visit our website, our system automatically collects data and information from the computer system of the accessing computer.


The following data (so-called server log files), which your browser automatically transmits to us, are collected:


– Information about the browser type (version used, language settings, etc.)

– User operating system

– User IP address

– Date and time of access

– Websites that the user’s system uses to access our website (website, search engine or link, and so-called referrer URL)

– Website accessed by the user’s system through our website

– Status information (e.g., error messages)

– The amount of data that is transferred


The data is also stored in the log files of our system. This data is not stored together with the user’s other personal data.


We reserve the right to retrospectively check this log data or allow others to do so in the event of concrete evidence of illegal activity.



2 Legal basis for data processing


The legal basis for the temporary storage of data and log files is Art. 6 (1) (f) GDPR.



3 Purpose of data processing


The temporary storage of IP addresses by the system is necessary to enable access to the website. To this end, the user’s (visitor’s) IP address must remain stored for the duration of the session. The storage of data in log files helps to optimise the website and to guarantee the security of our information technology systems. No evaluation of the data for marketing purposes is undertaken in this context.


These purposes also encompass our legitimate interest to process data in accordance with Art. 6 (1) (f) GDPR.



4 Retention period


The data will be deleted as soon as it is no longer necessary for the achievement of the purpose for which it was collected. In the case of data collection for propose of provision of the website, this purpose will be achieved once the respective session has ended.


In the case of storage of the data in log files, data is deleted no later than within seven days. The storage of data for a longer term is possible (e.g., for security reasons, such as during the investigation of abuse or fraud, and storage for purposes of preserving evidence). In this case, the user’s IP addresses will be deleted or distorted so that they can no longer be associated with the accessing client.



5 Objection and deletion options


The collection of data for provision of the website and storage of data in log files are absolutely necessary for operation of the website. Consequently, the user has no option to object.



IV Use of cookies



1 Description and scope of data processing


Our website uses cookies. Cookies do not harm your computer and do not contain viruses. Cookies are text files that are stored on the Internet browser or by the Internet browser on the user’s computer system. If a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a distinctive character string that allows the browser to be uniquely identified when the website is accessed again.


We use cookies to make our website more user-friendly. Some elements of our website require that the requesting browser be identifiable even after changing pages.


The following data is stored and transmitted in the cookie files:


– Language settings

– Log-in information



2 Purpose of data processing


The purpose of using technically essential cookies is to simplify the use of websites for users. Some features of our website will not be available without the use of cookies. In this case, it is necessary that the browser remain recognizable even after changing the page.


We require cookies for the following applications:


– Transfer of language settings

– Remembering search terms


The user data collected by technically essential cookies is not used to create user profiles.



3 Legal basis for data processing


For these purposes, our legitimate interest also lies in the processing of personal data pursuant to Art. 6 (1) (f) GDPR.



4 Duration of storage and options for objection and removal


Cookies are stored on the user’s computer and transmitted to our site. Therefore, as a user you have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated on our website, as a result you may no longer be able to use all of the website’s features in full.


The transmission of Flash cookies cannot be prevented via the browser settings. Rather, you must change the Flash Player settings.



V Contact form and email contact


1 Description and scope of data processing


There is a contact form on our website that can be used for contacting us electronically. If the user takes advantage of this form, the data that is entered in the entry form will be transmitted to us and stored. This data includes:


– First and last name

– Email address

– Subject

– Topic/content of the message (optional)


The following data is also stored at the time the message is sent:


– The user’s IP address

– Date and time of registration


Your consent will be obtained for the processing of the data as part of the sending process.


Alternatively, you can contact us via the provided email address. In this case, the user’s personal data that is transmitted along with the email will be stored.


This data will not be disclosed to third parties in this context. The data is used exclusively for processing the conversation.



2 Legal basis for data processing


The legal basis for the processing of the data is the consent of the user within the meaning of Art. 6 (1) (a) of the GDPR.


The legal basis for processing the data transmitted in the course of sending an email is Art. 6 (1) (f) GDPR. If you send us an e-mail with the intention of entering into an agreement with us, this creates an additional legal basis for data processing as per Art. 6 (1) (b) GDPR.



3 Purpose of data processing


We only use the personal data that is entered in contact forms to process the contact request. In the event that a contact request is sent by email, this also constitutes the necessary legitimate interest to process the data.


The processing of other personal data during the sending process is done for the purpose of preventing the abuse of the contact form and ensuring the security of our information technology systems.



4 Retention period


The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For personal data that was taken from the contact form entry form and data that was sent by email, this is the case when the respective conversation with the user has been completed. The conversation will have ended when it is evident from the circumstances that the matter at hand has been conclusively resolved.


Personal data that was additionally collected during the sending procedure will be deleted at the latest within a period of seven days.



5 Objection and deletion options


The user has the option of revoking his consent to the processing of personal data at any time. A user who contacts us by email can object at any time to the storage of his personal data. It will not be possible to continue the conversation in this case.


A declaration of revocation, amendment, correction, and updating of such data may be made in writing, by fax or by e-mail to Alcedis GmbH.


All personal data stored in the course of contacting us will be deleted as a result.



VI Data protection for applications and in the application procedure


When you apply with us, we will process the information we receive from you within the scope of the application procedure, e.g. through the letter of application, CV, certificates, correspondence or information obtained over the phone or face-to-face encounters. In addition to your contact details, especially information about your education, qualifications, work experience and your capabilities are relevant for us.


Initially, your data will only be processed to carry out the application procedure. If your application is successful, the data will become part of your personnel file and used to proceed with and terminate the employment, and it will be deleted according to the regulations applicable for personnel files. If we are unable to offer you employment at present, we will still process your data until six months after sending the negative reply to defend ourselves against potential legal claims, especially because of an alleged discrimination in the application procedure. If you receive reimbursements or if there are other tax-relevant transactions, the corresponding accounting records will be kept to meet budgetary and tax retention obligations in accordance with the respective applicable retention obligations. In the first instance, our personnel department has access to your data, but then also the department holding the position you applied for and, if necessary, accounting. Our administrators and processors have the possibility to access IT processed data because of technical requirements. They are strictly bound to our instructions and are not permitted to process the data for their own ends. In certain cases, we have to disclose your personal data to third parties, such as to our bank, if you receive a reimbursement, or to the post office, if we communicate with you by letter.


§ 26(1) P. 1 of the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and Art. 6(1) lit. b GDPR constitute the legal basis for data processing in the application procedure and as part of the personnel file and Art. 6(1) lit. a GDPR, if you gave your consent, for example by transmitting information not required for the application procedure. The legal basis for data processing after a negative reply is Art. 6(1) lit. f GDPR. The legal basis for budgetary and tax retention is Art. 6(1) lit. c GDPR in conjunction with § 147 of the German Fiscal Code (Abgabenordnung, AO). Legitimate interest in processing on the basis of Art. 6(1) lit. f GDPR is the defence against legal claims.


In general, we do not require any specific categories of personal data for the application process, as defined by Art. 9 GDPR. We ask that you do not send us any such information from the start. If such information is relevant for the application process by way of exception, we will process them together with your other applicant data. This may, for example, be related to information about a severe disability that you can provide to us voluntarily and which we then have to process in order to meet our special obligations with regard to severely disabled persons. In these cases, processing serves the right to exercise rights or meet legal obligations under labour law, right to social security and social protection. In this case, the legal basis for data processing are Art. 9(2) lit. b GDP, §§ 26(3) BDSG, 164 of the German Social Security Code (Sozialgesetzbuch, SGB) Volume IX. In exceptional cases, it may be necessary to obtain information about your health or a disability or information from the Federal Central Register, i.e. about criminal records, to evaluate your suitability for the intended activity. The legal basis for this is § 26 BDSG.


VII Rights of the data subject


If your personal data is processed, you are an affected person (data subject) in the meaning of the GDPR and you have the following rights with respect to the Controller:



1 Right to information


You may ask the Controller to confirm whether your personal data is processed by us.


If such processing takes place, you can request the following information from the Controller:


– the purposes for which the personal data is processed;

– the categories of personal data that are processed;

– the recipients or categories of recipients to which your personal data has been disclosed or is still being disclosed;

– the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the storage period;

– the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the Controller or a right to object to such processing;

– the existence of a right of appeal to a supervisory authority;

– all available information on the source of the data if the personal data was not collected from the data subject;

– the existence of an automated decision-making procedure, including profiling under Article 22 (1) and (4) GDPR and (at least in these cases) meaningful information about the utilized logic and the scope and intended impact of such processing on the data subject.


You have the right to request information about whether your personal information has been transmitted to a third country or an international organization. In this connection, you can request the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transmission of information.



2 Right to rectification


You have a right to rectification and/or completion against the Controller, provided your personal data that is subject to processing is incorrect or incomplete. The Controller must immediately make all necessary corrections.



3 Right to restriction of processing


You may request the restriction of the processing of your personal data under the following conditions:


– If you contest the accuracy of your personal information for a period of time that enables the Controller to verify the accuracy of your personal data;

– The processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data;

– The Controller no longer requires personal data for the purposes of processing, but you need it to assert, exercise or defend against legal claims, or

– If you have objected to the processing pursuant to Art. 21 (1) GDPR, and it is not yet certain whether the legitimate reasons of the Controller prevail over your reasons for objection.


If the processing of your personal data has been restricted, this data may only be used with your consent or for the purpose of asserting, exercising or defending against legal claims or protecting the rights of another natural or legal person or for reasons of important public interest of the EU or a Member State.


If the limitation of processing is instituted in accordance with the above conditions, you will be informed by the Controller before the restriction is lifted.



4 Right to deletion


a) Obligation of deletion


You may request the Controller to delete your personal information without delay, and the Controller will be required to delete that information immediately if one of the following is true:


– Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.

– You revoke your consent to data processing in accordance with Art. 6 (1) (a) or Art. 9 (2) (a) GDPR and there is no other legal basis for processing.

– You file an objection to processing in accordance with Art. 21 (1) GDPR and there are no prior justifiable reasons for processing, or you file an objection to processing in accordance with Art. 21 (2) GDPR.

– Your personal data has been processed unlawfully.

– The deletion of your personal data is required to fulfill a legal obligation under EU law or the law of the Member States to which the Controller is subject.

– The personal data concerning you was collected in relation to data processing firm services that are offered pursuant to Art. 8 (1) GDPR.



b) Information that is sent to third parties


If the Controller has made your personal data public and is in accordance with Article 17 (1) GDPR obligated to erase this data, then it is also obligated to inform data controllers who process this personal data that you as a data subject have requested the deletion of any links to such personal data or copies or duplicates of such personal data while taking into account the available technology and the costs of implementation, including appropriate technical measures.



c) Exceptions


There is no right to erasure if the processing is necessary


– to exercise the right to freedom of expression and information;

– to fulfill a legal obligation required by the law of the EU or of the Member States to which the Controller is subject, or to perform a task of public interest or in the exercise of official authority that is conferred by the Controller;

– for reasons of public interest in the area of public health pursuant to Art. 9 (2) (h) and (i) as well as Art. 9 (3) GDPR;

– for archival purposes of public interest, scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) GDPR, insofar as the law referred to in Section (a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or

– to assert, exercise or defend against legal claims.


5 Right to information


If you have exercised your right to have the Controller correct, delete, or limit the processing, this party is obliged to inform all recipients to whom the personal data that concerns you has been disclosed of this correction or deletion of the data or restriction on processing, unless this proves impossible or involves disproportionate effort.


You have a right to be informed about these recipients by the Controller.



6 Right to data portability


You have the right to receive a report of the personally identifiable information that you provide to the Controller in a structured, common, and machine-readable format. In addition, you have the right to pass this data on to another controller without obstruction by the controller to which the personal data was provided, insofar as


– the processing is based on prior consent in accordance with Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on the basis of an agreement in accordance with Art. 6 (1) (b) GDPR

– the processing is done using automated procedures.


In exercising this right, you also have the further right to obtain your data that is directly transmitted by one controller to another controller, insofar as this is technically feasible. The freedoms and rights of other persons may not be affected.


The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task in the public interest or in the exercise of official authority that is conferred by the Controller.



7 Right of objection


You have the right at any time, for reasons that arise from your particular situation, to contest the processing of your personal data that is processed pursuant to Art. 6 (1) (e) or (f) GDPR. This also applies to profiling based on these provisions.


The Controller will cease to process your personal data unless it can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of asserting, exercising or defending against legal claims.


If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is pursued for such direct advertising.


If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.


Regardless of Directive 2002/58/EC, you have the option in a situation where a data processing company service is hired of exercising your right to object to the use of automated procedures that use technical specifications.



8 Right to revoke the informed consent related to data protection


You have the right to revoke your data protection declaration at any time. The revocation of consent does not affect the legality of the processing that was conducted on the basis of the consent before the revocation.



9 Automated decisions in individual cases, including profiling


You have the right not to be subject to a decision based exclusively on automated processing (including profiling) that entails legal consequences against you or significantly impairs you in a similar manner. However, this provision does not apply if the decision


– is required for the conclusion or performance of a agreement between you and the Controller,

– is permissible on the basis of EU or Member State laws to which the Controller is subject, and those legal provisions contain adequate measures to safeguard your rights and freedoms as well as your legitimate interests, or

– is taken with your express consent.


However, these decisions must not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) (a) or (g) GDPR applies and reasonable measures have been taken to protect your rights and freedoms as well as your legitimate interests.


If the decision is not based on legal provisions, the Controller will take appropriate measures to uphold the rights and freedoms and your legitimate interests, including at minimum your right to require the Controller to present a person to intervene, who will be allowed to express his own position and to challenge the decision.



10 Right to appeal the decision before a supervisory authority


Without prejudice to any other administrative or judicial remedy, you shall have the right to file a complaint with a supervisory authority, in particular in the Member State of your residence or place of work or the place of alleged infringement, if you believe that the processing of your personal data violates the GDPR.


The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.


The Controller’s supervisory authority that is responsible for data protection is:


The Hessian Commissioner for Data Protection and Freedom of InformationDr. Michael Ronellenfitsch
Gustav-Stresemann-Ring 1
65189 Wiesbaden



VIII Technical and organizational measures


Protecting personal data that is processed and used on the systems of Alcedis GmbH is a particular requirement and concern for us as a company that is active in the healthcare sector. For this reason, we have implemented a comprehensive data protection and IT security concept throughout the company which, with the aid of technical and organisational data protection measures, will adequately ensure the protection of the personal and other company-relevant data that is stored on our systems. This also includes the protection of your personal data (e.g., your name, address or e-mail address) when you visit our website. Alcedis GmbH is internally structured in such a way that only those persons are granted access to personal data who are entitled to do so within the scope of their operational assignments. All company employees are obliged to maintain the confidentiality of personal data pursuant to Art. 5 (1) (f) and Art. 32 (4) GDPR. The building and the equipment rooms are always locked and may only be accessed by employees who have a need to access them. Numerous internal policies regulate the handling of company resources and data. A list of processing activities pursuant to Art. 30 GDPR is used to document the procedures to process personal data, including the technical and organizational data protection measures that are applied.
The company Data Protection Officer monitors the proper use of data processing systems within the scope of his duties and advises the company on data protection issues.



IX Data transmission and collaboration with third parties


1 Collaboration with processors and third parties


If, during the course of our data processing, we disclose data to other persons and companies (contractual processors or third parties), transmit data to them or otherwise grant them access to the data, this will only be done on the basis of legal consent (e.g., if the data is transmitted to third parties as required by the payment service provider pursuant to Art. 6 (1) (b) GDPR) if you have indicated that you consented to a legal obligation or if such disclosure is made on the basis of our legitimate interests (e.g., due to the use of agents, web hosting services, etc.).


If we task processors with the processing of data, this shall be done on the basis of Art. 28 GDPR.



2 Transmission of data to third countries


If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or as part of the use of third party services or disclosure or transmission of data to third parties, this is done only to fulfill our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we either process or hire a contractor to process data in a third country only in compliance with the special conditions of Art. 44 ff. GDPR. In other words, processing takes place on the basis of specific guarantees, such as an officially recognized level of data protection (e.g., in the U.S. through the Privacy Shield) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).



3 Integration of the services and content of third parties


Based on our legitimate interests (i.e., interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 (1) (f) GDPR), we make use of third-party content or service offerings in order to improve our online content and services, including videos or fonts (hereinafter collectively referred to as “content”).


This always presupposes that the third party providers of this content will see the IP address of users, since they would not be able to transmit content to user browsers without the IP address. The IP address is therefore necessary in order to display this content. We endeavor to only use content from providers who use the IP address solely for the delivery of content. Third-party providers may also use “pixel tags” (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” enable the analysis of information such as the traffic of visitors on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offering. It may also be linked to such information from other sources.



4 Web hosting


We engage hosting services to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, and security services and technical maintenance services that we use for the purpose of operating this online offering.


In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, and metadata and communication data of customers, potential customers, and visitors to this online offering on the basis of our legitimate interests in providing an effective and secure online offering in accordance with Art. 6 (1) (f) GDPR in conjunction with Art. 28 GDPR (conclusion of an agreement for order processing).



5 Data protection on third party websites


This website may contain hyperlinks to third-party websites. If you follow a hyperlink to any of these websites, please note that we cannot accept any responsibility or guarantee for third-party content or the observance of data protection conditions. Please make sure you are aware of the applicable data protection conditions before you submit personal data to these websites. The respective operators are solely responsible for the content of linked pages. There was no indication that the content of the page that is accessed by the link does not comply with the legal provisions or violates common decency at the time of linking. We ask that you immediately notify us if a foreign site to which we link using hyperlinks does not comply or no longer complies with legal requirements or common decency. The license and usage conditions of the respective operator of the Internet offer apply.



X Website analytics services


1 Google Analytics


This website uses Google Analytics, a web analysis service. This service is provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The use takes place on the basis of Art. 6 (1) Sentence 1 (f) GDPR.


Google Analytics uses so-called “cookies,” which are text files that are stored on your computer and make it possible to analyze your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the US and stored there. However, if IP anonymisation is activated on this website, your IP address will first be shortened by Google within Member states of the European Union or in other states that are contracting parties to the agreement in the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser within Google Analytics is not merged with other Google data.


You may refuse the use of cookies by selecting the appropriate settings in your browser. However, please be advised that if you opt out of using cookies, you may not be able to use all the features of this website. You can also prevent the data generated by the cookie that is based on your use of the website (including your IP address) from being sent to and processed by Google by downloading and installing the browser plugin available at the following link: This browser add-on informs Google Analytics via JavaScript that no data and information about your visits to websites may be transmitted to Google Analytics. Google will consider the installation of the browser add-on as an expression of your objection to data collection.


Alternatively, if you have a browser add-on or use a browser on a mobile device, please click this link in order to avoid future detection by Google Analytics on this website. This stores an opt-out cookie on your device. To delete your cookies, you will need to click on the link again.


Additional information and Google’s privacy policy may be retrieved at and at You can find more detailed information about how Google Analytics works at



XI Google services


1 Google Maps


We integrate maps that are provided by the service “Google Maps,” which is offered by the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, for purposes of presenting visual geographical information. When Google Maps is used, Google also collects, processes, and utilizes data about the visitor’s use of map functions. Google will under no circumstances associate your IP address with any other data held by Google. However, it would be technically possible for Google to identify at least individual users based on the data that is collected. However, it would be technically possible for Google to identify at least individual users based on the data that is collected. It is possible that the personal data and personal profiles of users of the Google website could be processed for other purposes, and we cannot and do not have any influence over this processing. Additional information about data processing by Google can be found at, and you can also find the Opt-Out here: Users can change their individual settings so that their own data can be managed and protected in Google’s Privacy Center (


By using this website, you consent to the collection, processing, and use of data that is collected automatically by Google Inc., its representatives, and third parties.



XII Use of social media plug-ins


1 LinkedIn


The Controller has integrated components of LinkedIn Corporation on this website. LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Privacy matters outside the USA are the responsibility of LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.


Each time you visit our website, which contains a LinkedIn component (LinkedIn plugin), this component will retrieve the corresponding version of the LinkedIn component and display it in the visitor’s browser. You can find more information about LinkedIn plug-ins at As part of this technical process, LinkedIn receives information about the specific sub-page of our website that is visited by the data subject.


If the data subject is simultaneously logged in to LinkedIn, LinkedIn will learn about the specific sub-pages of our website he visits over the entire duration of each respective visit to our website. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the respective person. If the respective person clicks the LinkedIn button that is integrated into our website, LinkedIn will associate this information with the visitor’s personal LinkedIn user account and store this personal data.


LinkedIn receives information via the LinkedIn component that the data subject has visited our website whenever he is logged in to LinkedIn at the same time that he accesses our website; this happens regardless of whether the data subject clicks on the LinkedIn component or not. If the data subject does not want this information to be transmitted to LinkedIn, he can prevent it from being transmitted by logging out of his LinkedIn account before accessing our website.


LinkedIn allows users the opportunity at to unsubscribe from e-mail messages, SMS messages, and targeted ads as well as to manage ad settings. LinkedIn also has relationships with such partners as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua und Lotame, which are also able to store cookies. You can opt out of receiving cookies by visiting


LinkedIn’s current privacy policy is available at



2 Legal basis for processing personal data using social media plugins


The legal basis for data processing, if the user’s consent to this has been obtained, is Art. 6 (1) (a) GDPR. Otherwise, the processing takes place in accordance with Art. 6 (1) (f) GDPR.



3 Purpose of data processing


The processing of personal data from social media plugins helps us to connect our website to such social networks as Facebook, Twitter, and Google Plus (development of social marketing channels), thereby generating new website visitors. In the event that social media plugins are used, this also constitutes the necessary legitimate interest to process the data.



4 Retention period


The data will be deleted as soon as it is no longer needed for our record-keeping purposes.



5 Objection and deletion options


You have the right at any time, for reasons that arise from your particular situation, to contest the processing of your personal data that is processed pursuant to Art. 6 (1) (e) or (f) GDPR.


Additional information on the data protection measures of individual providers can be found in the respective data protection declaration. Please follow the respective links under the above provider names.



XIII SSL encryption


This site uses SSL encryption for security reasons and to secure confidential content, such as, for example, the enquiries that you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.


If SSL encryption is activated, the data that you transfer to us cannot be read by third parties.



XIV Other important information


1 Personal data of children and adolescents


Persons under the age of 14 should not send any personal data to us without the consent of their guardians. We do not request any personal data from children or young people, do not collect it, and do not pass it on to third parties unless we have received express permission to do so. If the user of our website has not yet reached the age of sixteen and the legal basis for processing is consent, such consent must be given by the user’s guardian or with his consent.



2 Objection to promotional emails


We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements for purposes of sending promotional and informational materials that are not expressly requested. The website operator reserves the right to take specific legal action in the event that unsolicited advertisements, such as email spam, are received.



3 Changes to our Privacy Policy


We change our security and data protection measures to the extent required by technical and legal developments and adapt our data protection guidelines accordingly. Please take note of the current version of the Privacy Policy.



Privacy Policy version: 29th March 2019