Privacy Policy

This privacy policy applies to this active domain and all associated telemedia or digital services, or  those areas to which a separate privacy policy applies and for which the provider is responsible in  accordance with applicable laws (e.g., GDPR). 

This privacy policy explains how, how much, and for what purpose personal data is collected, used,  and processed on this website (hereinafter referred to as “telemedia,” “digital services,” or “offer”).  This is done in accordance with German and European data protection regulations by the  responsible body: 

See Imprint 

(hereinafter referred to as “provider”) or, if not applicable, the natural or legal person named in the  legal notice. In the following, the generic masculine form is used as a placeholder, but all genders  and identifications are meant. This results from purely practical considerations and does not constitute discrimination in any form. Please contact info@datenschutz-eprivacy.de if you would like to proactively help translate this privacy policy into gender-neutral German. 

The legal and regulatory basis for data protection (as well as other applicable laws or parts of laws)  can be found in the following texts: 

• Digital Services Act (DDG) (formerly Telemedia Act), 
• Telecommunications Digital Services Data Protection Act (TDDDG), 
• Media State Treaty (MStV) 
• Federal Data Protection Act (BDSG), 
• Interstate Treaty on the Protection of Minors in the Media (JMStV), 
• Act to Improve Law Enforcement in Social Networks (NetzDG), 
• Regulation (EU) 2016/679 “General Data Protection Regulation” (GDPR), • Regulation (EU) 2024/1689 “AI Act” or “AI Regulation” (KIVO) and 
• Directive 2002/58/EC (“ePrivacy Directive”) in conjunction with Directive  2009/136/EC (“Cookie Directive”) and 
• from the date of validity: the European ePrivacy Regulation (ePVO) 

1. Limitation of liability 

The content of this website has been compiled with the greatest possible care. However, no  guarantee can be given for the accuracy, completeness, and timeliness of the content provided. Use  of this website is at the user’s own risk. All contributions marked by name reflect the individual  opinion of the author and not necessarily that of the provider. 

Use of this service does not constitute a contractual relationship, legal advice, tax advice, or any  other service. This only applies if such a relationship is entered into by means of a clear declaration  of intent or a separate contract. 

2. Copyright and ancillary copyright 

The contents of this offer are subject to German copyright and ancillary copyright (as stipulated in  the German Copyright Act (UrhG) and the German Art Copyright Act (KUG), among others).  Unless otherwise indicated (e.g., via Creative Commons or other licenses), all exploitation and  usage rights remain with the author. For technical reasons, all content created by the digital service  is assigned to a specific user account. This may also be the author of the corresponding content. 

Commons or other licenses), all exploitation and usage rights remain with the author. For  technical reasons, all content created on the digital service is assigned to a specific user  account. This may also be the author of the content in question. 

Guest authors or authors other than the user account are named in the text itself. Any reproduction,  processing, or other use requires the consent of the provider or the respective author and is  otherwise prohibited under the UrhG. Any copying, reproduction, or other analog, electronic, or  digital form of copying (including hotlinking, embedding/framing, or embedding) is only  permitted with the provider’s consent. Commercial use is also permitted for non-public and private  purposes or for the presentation of the content of this digital service as part of the same. 

3. Use of external links (“Disclaimer”) 

According to a ruling by the Hamburg Regional Court (Ref. 312 O 85/98, LG Hamburg), providers  may be held jointly responsible for links to external content, i.e., content located outside their own  domain space. This website contains links to third-party websites (“external links”) which were  checked for quality and content by the provider before they were first set. The provider assures that  the link content was legally unobjectionable at the time the link was set. Should this have changed,  please notify us via our contact area. The provider cannot influence the links and therefore cannot  ensure that they will continue to refer to the same content in the future (click at your own risk). The  setting of external links does not mean that the provider adopts the content behind the reference or  link as its own. Constant monitoring of external links is an unreasonable burden for the provider,  which is why it asks for your active assistance: If you notice a legal violation in a link set in this  digital service, the provider asks to be notified immediately and thanks you in advance for your  help. 

If you wish to report a legal violation, please contact the provider. 

4. Access data and server logging 

The use and mere visit of a website may result in information about the access being collected by  the provider or its web space provider. More specifically: date and time of the visit, website name  and other metadata (geolocation, etc.), notification of successful retrieval, browser type and version,  operating system of the end device, files, amount of data transferred, referrer URL (the previously  visited page), IP address (and associated information such as screen resolution) and the requesting  provider. The log created in this process is used only for statistical evaluations for the purpose of  operating, securing, and optimizing the website. The provider may subsequently check the log data  if it suspects unlawful use based on justified suspicion. 

Note: Data transmission online, i.e., on the Internet, is fundamentally insecure and not protected  against access by third parties. 

This educational video provides a summary of the data that is collected when you access a website.

5. Advertising 

The use of contact details in the imprint or other similar information for advertising purposes or  commercial advertising is expressly not desired, unless the provider has given its prior written  consent or a business relationship with the provider already exists. The provider and all persons  named on this website hereby object to any commercial use and disclosure of their data for  advertising purposes (so-called “spam”). 

This offer uses advertising inserts. These are provided by various third parties, which are mentioned  by name in the following points. 

6. Cookies 

Cookies are files (often small text files) that store specific information relating to the user’s access  device (PC, smartphone, etc.). They serve to improve the user-friendliness of websites and thus  benefit users (e.g., storage of login data). On the other hand, they are also used for the statistical  recording of user behavior on websites, usually for the purpose of analyzing and improving the  content or the entire website. Most browsers, such as Mozilla Firefox, Google Chrome, etc., have  built-in options that allow you to control or prevent the storage of cookies. 

Note: Many online services rely on cookies. Cookies are not inherently harmful. Perhaps not their  use, but at least the convenience of the user interface may be limited if cookies are disabled. 

If cookies are to be restricted, this can be done via the provider’s website settings or via the  following organizations: 

• Preference Manager of the German Federal Association of the  

Digital Economy (Bundesverband Digitale Wirtschaft e.V.):  

www.meine-cookies.org/cookies_verwalten/praeferenzmanager.html 

• Digital Advertising Alliance (DAA): www.aboutads.info/choices/ 
• Network Advertising Initiative (NAI): optout.networkadvertising.org/?c=1
• European Interactive Digital Advertising Alliance (EDAA): www.youronlinechoices.com/de/praferenzmanagement

7. Data processing 

7.1 Personal data 

According to Art. 4, para. 1 GDPR (further information in this podcast on the GDPR), personal  data is any information relating to an identified or identifiable natural person (hereinafter referred  to as “data subject”); A natural person is considered identifiable if they can be identified, directly  or indirectly, in particular by association with an identifier such as a name, an identification  number, location data, an online identifier, or one or more factors specific to the physical,  physiological, genetic, mental, economic, cultural, or social identity of that natural person.

This includes information relevant to digital services such as this offer, such as name, email  address, or telephone number. However, information about personal preferences, memberships in  organizations, or website visits may also be stored as personal data. Personal data is collected,  processed, and used by the provider exclusively within the legal framework or with the consent of  the user. 

7.2 Contact form 

When contacting the provider (via contact form, email, or similar processes), the contact details are  stored for technical processing, inquiry processing, and correspondence handling. 

In a contact form, certain fields in an online form are filled in with personal data, which is then sent.  The electronic file system processes this information and sends it to the provider as an email. For  this purpose, data is (temporarily) stored by the provider’s host. For more information, see Website  hosting in this privacy policy. 

7.3 Comment function 

There is a comment function in the blog systems of this offer. Users can comment on content and  provide a name, email address, and website for this purpose. This data, including the comment text,  is stored by the host. For more information, see Website Hosting in this privacy policy. In addition,  the IP address is also stored for technical reasons. In doing so, the provider simultaneously protects  itself against any legal action by third parties in the event that legally questionable or illegal content  (in the respective areas of validity) is created in the comments, such as insults, illegal propaganda,  hate speech, incitement to violence, etc. 

7.4 Deletion of content indexed in search engines in accordance with  European data protection law 

Content from the website also appears in search results from search engines such as Google, Bing,  or Yahoo. Based on resolutions and legal decisions, citizens of the European Union may request the  deletion of their content indexed by these search engines. The provider is not obligated to do so, but  would like to help you. You can find the necessary forms here: 

• Deletion from Google: www.google.com/webmasters/tools/legal-removal request? complaint_type=rtbf&hl=en 
• Deletion from Bing: www.bing.com/webmaster/tools/eu-privacy-request 

8. Rights of the data subject 

The user of this offer is referred to as the data subject under data protection law if personal data has  been collected that can identify the user. As the data subject, the user has various rights under  Chapter III of the GDPR, which you will be informed about: 

• You may request to be informed whether personal data has been processed and may  request information in accordance with Art. 15 GDPR;
• You may have this data completed or incorrect data corrected in accordance with Art. 16  GDPR; 
• You may have this data deleted or the processing of this data restricted in accordance with  Art. 17f GDPR; 
• You may request the disclosure of this data and its transfer to others in accordance with  Art. 20 GDPR; 
• You may lodge a complaint with a supervisory authority (usually the state data protection  authority) if you believe that the processing of your personal data violates the law in  accordance with Art. 77 GDPR. 

These rights may only be restricted on the basis of legitimate interests, e.g. due to legal  obligations to retain certain information, such as for tax purposes. 

9. Special terms of use 

Insofar as special conditions for individual uses of this website deviate from the aforementioned  points 1 to 8, this will be expressly pointed out at the appropriate place. In this case, the special  terms of use apply in each individual case. 

10. Data transfer within and outside the EU  

(standard contractual clauses) 

When personal data is collected, used, and processed, it is stored. Depending on the process, this  may occur in different locations and countries. The following sub-sections regulate these data  transfers. 

10.1 Data processing in other EU countries 

Data may be transferred to a third country within the European Union, the European Economic  Area, or the Swiss Confederation in accordance with Art. 3 GDPR. This must be done within the  scope of the activities of a branch of a controller or processor in the Union, regardless of whether  the data processing takes place in the Union. 

10.2 Data processing in non-EU countries 

The transfer or processing of personal data to third countries or to international organizations  outside the European Union may be carried out in accordance with Articles 44 to 49 GDPR if the  European Commission has decided that the third country, a territory or one or more specific sectors  in that third country, or the international organization in question offers an adequate level of  protection (so-called 

EU adequacy decision). A list of accepted third countries in accordance with the adequacy decision can be found on the European Commission’s website.

10.3 Data transfer to the USA 

Until June 2020, the Privacy Shield agreement (known as Safe Harbor until 2015) was considered  an adequacy decision by the European Commission and the US federal government; both  agreements have been overturned by the European Court of Justice. They are being replaced by  standard contractual clauses, unless another agreement comes into force. 

10.4 Standard contractual clauses 

These standard contractual clauses are intended to ensure compliance with the requirements of the  GDPR on the protection of natural persons with regard to the processing of personal data, on the  free movement of data, and on the repeal of Directive 95/46/EC on the transfer of personal data to  a third country. 

These clauses contain appropriate safeguards, including enforceable rights of data subjects and  effective legal remedies in accordance with Article 46(1) and Article 46(2)(c) GDPR, as well as  — with regard to data transfers from controllers to processors and/or from processors to  processors — standard contractual clauses pursuant to Article 28(7) of the GDPR, provided that  these are not amended, with the exception of the selection of the relevant module or modules or  the addition or updating of information in the annex. This does not prevent the parties from  incorporating the standard contractual clauses set out in these clauses into a more comprehensive  contract and/or adding further clauses or additional safeguards, provided that these do not directly  or indirectly conflict with these clauses or restrict the fundamental rights or freedoms of the data  subjects. 

The provider (here: data exporter) assures that it has satisfied itself, within reasonable limits, that  the processor (data importer) is able to fulfill its obligations under these clauses by implementing  appropriate technical and organizational measures. Terms that are identical to those used in the  GDPR shall be understood in the same way. 

10.4.1 Data transfer 

The data importer shall process the personal data only on documented instructions from the data  exporter. The data exporter may issue such instructions throughout the term of the contract. The  data importer shall inform the data exporter without delay if it is unable to comply with these  instructions. The data importer shall process the personal data only for the specified purposes,  unless further instructions are given by the data exporter. 

10.4.2 Transparency 

Upon request, the data exporter shall provide the data subject with a copy of these clauses,  including the Annex completed by the parties, free of charge. To the extent necessary to protect  trade secrets or other confidential information, including the measures described in Appendix II and  personal data, the data exporter may redact parts of the text of the Appendix to these clauses before  providing a copy; however, it shall provide a meaningful summary if the data subject would  otherwise not be able to understand the content of the Appendix or exercise their rights

. Upon request, the parties shall inform the data subject of the reasons for the redactions to the  extent possible without disclosing the redacted information. This clause is without prejudice to the  data exporter’s obligations under Articles 13 and 14 of the GDPR. 

10.4.3 Accuracy 

If the data importer determines that the personal data received is inaccurate or out of date, it shall  immediately inform the data exporter. In this case, the data importer shall cooperate with the data  exporter to delete or correct the data. 

10.4.4 Duration of processing and deletion or return of data 

The data will only be processed by the data importer for the period specified in Annex I.B. At the  choice of the data exporter, upon termination of the provision of data processing services, the data  importer shall either delete all personal data processed on behalf of the data exporter and certify to  the data exporter that this has been done, or return all personal data processed on behalf of the data  exporter to the data exporter and delete any existing copies. 

Until the data is deleted or returned, the data importer shall continue to ensure compliance with  these clauses. If local laws apply to the data importer that prohibit it from returning or deleting the  personal data, the data importer shall ensure that it continues to comply with these clauses and only  processes this data to the extent and for as long as required by the relevant local laws. This is  without prejudice to Clause 14, in particular the data importer’s obligation under Clause 14(e) to  notify the data exporter during the term of the contract if it has reason to believe that it is or will be  subject to laws or practices that are not consistent with the requirements of Clause 14(a). 

10.4.5 Security of processing 

1. a) The data importer and, during the data transfer, the data exporter shall take appropriate  technical and organizational measures to ensure the security of the data, including protection  against any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or  access to, such data (hereinafter referred to as “personal data breach”). When assessing the  appropriate level of protection, the parties shall take due account of the state of the art, the costs  of implementation, the nature, scope, context, and purposes of the processing, as well as the risks  associated with the processing for the data subjects. The parties shall in particular consider  encryption or pseudonymization, including during data transmission, if this allows the purpose of  the processing to be fulfilled. In the case of pseudonymization, the additional information that can  be used to assign the personal data to a specific data subject shall, as far as possible, remain under  the exclusive control of the data exporter. To fulfill its obligations under this paragraph, the data  importer shall implement at least the technical and organizational measures listed in Annex II.  The data importer shall conduct regular checks to ensure that these measures continue to provide  an adequate level of protection.
2. b) The data importer shall grant its personnel access to the personal data only to the extent that  this is strictly necessary for the performance, management, and monitoring of the contract. It  shall ensure that the persons authorized to process the personal data have committed themselves  to confidentiality or are subject to an appropriate statutory duty of confidentiality. 
3. c) In the event of a breach of personal data protection in connection with the processing of personal  data by the data importer in accordance with these clauses, the data importer shall take appropriate  measures to remedy the breach, including measures to mitigate its adverse effects. In addition, the  data importer shall notify the data exporter of the breach without undue delay after becoming  aware of it. This notification shall include contact details for a point of contact for further  information, a description of the nature of the breach (including, where possible, the categories and  approximate number of data subjects concerned and the approximate number of personal data  records concerned), the likely consequences of the breach, and the measures taken or proposed to  be taken to address the breach and, where appropriate, measures to mitigate any adverse effects. If  and to the extent that not all information can be provided at the same time, the initial notification  shall contain the information available at that time, and further information shall be provided  without undue delay as soon as it becomes available. 
4. d) Taking into account the nature of the processing and the information available to the data  importer, the data importer shall cooperate with the data exporter and assist it in complying  with its obligations under Regulation (EU) 2016/679, in particular to notify the competent  supervisory authority and the data subjects. 

10.4.6 Sensitive data 

Where the transfer involves personal data revealing racial or ethnic origin, political opinions,  religious or philosophical beliefs, or trade union membership, or genetic data or biometric data for  the purpose of uniquely identifying a natural person, data concerning a person’s health, sex life, or  sexual orientation, or data concerning criminal convictions and offenses (hereinafter “sensitive  data”), the data importer shall apply the specific restrictions and/or additional safeguards described  in Annex I.B. 

10.4.7 Onward transfers 

The data importer shall only transfer personal data to third parties on the basis of documented  instructions from the data exporter. The data may also only be transferred to third parties located  outside the European Union (4) (in the same country as the data importer or in another third  country) (hereinafter referred to as “onward transfer”) if the third party is bound by these clauses  under the relevant module or agrees to be bound by them, or if 

1. the onward transfer is to a country for which an adequacy decision pursuant to Article  45 of Regulation (EU) 2016/679 covering the onward transfer applies.
2. the third party provides appropriate safeguards in accordance with Article 46 or Article  47 of Regulation (EU) 2016/679 with regard to the processing in question, 
3. the onward transfer is necessary for the establishment, exercise, or defense of legal  claims in connection with certain administrative, judicial, or regulatory  

proceedings; or 

4. the onward transfer is necessary to protect the vital interests of the data subject or another  natural person. 

Any onward transfer shall be subject to the condition that the data importer complies with all  other safeguards under these clauses, in particular the purpose limitation. 

10.4.8 Documentation and compliance with the Clauses 

1. a) The data importer shall process requests from the data exporter relating to processing under  these clauses promptly and in an appropriate manner. 
2. b) The parties must be able to demonstrate compliance with these clauses. In particular, the data  importer shall keep appropriate records of the processing activities carried out on behalf of the data  exporter. 
3. c) The data importer shall provide the data exporter with all information necessary to demonstrate  compliance with the obligations laid down in these clauses; at the request of the data exporter, it  shall enable the data exporter to verify the processing operations covered by these clauses at  reasonable intervals or in the event of indications of non-compliance, and shall contribute to such  verification. In deciding whether to conduct a review or audit, the data exporter may take into  account relevant certifications of the data importer. 
4. d) The data exporter may conduct the audit itself or engage an independent auditor. Audits  may include inspections of the data importer’s premises or physical facilities and shall be  conducted with reasonable advance notice, where appropriate. 
5. e) The parties shall make the information referred to in points (b) and (c), including the results of  audits, available to the competent supervisory authority upon request. 

11.Processors 

The provider has concluded a data processing agreement (DPA) with the following companies,  organizations, and entities. This agreement regulates the standard commissioning of the provider for  data processing by the data processor, e.g., Facebook, Inc. or Google, Inc. 

According to information provided by the providers, the data collected in this process is not  merged with other data. In view of past journalistic revelations such as the Snowden and NSA  affair (2013), the Cambridge Analytica case in connection with Facebook (2018), the so-called  Facebook Papers, and the so-called Schrems judgments of the European Court of Justice (ECJ),  there is no absolute certainty regarding this statement, especially with regard to US providers.  Whether through official orders, espionage, or data leaks (see list here). In the event of a factual  contradiction to the statements made above, the following persons are to be named as

responsible. In this case, a breach of contract must be certified, as the provider acted in good faith  based on the honesty and sincerity of the other contracting party. 

11.1 Use of Facebook / Meta 

The operator is Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States.  Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, is  responsible for Europe. The provisions of this privacy policy apply to data processing and  transfer. 

11.1.1 Facebook 

The operator is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The  provisions of this privacy policy regarding data processing and transmission apply. 

The provider may use Facebook functions, including chat or video calls, presentation of telemedia  (profile, page, group), and other functions. When using these functions, data is sent to the operator.  The provider does not receive any user data or other evaluations from the operator. 

Personalized information from Facebook or partners can be displayed via the “Like” button (also  known as a plugin or button) from Facebook. At the same time, Facebook and partners receive  information about the respective user, including that a “Like” has been given, that the button has  been accessed, and that the button has been clicked. Furthermore, Facebook can also display your  information within the Facebook social network, e.g., in the context of statistical information on  your profile or lists of your habits on the network. The use of “Like” or Facebook activities is  recorded by Facebook to improve its services. A Facebook account is required to use the button.  The registration and login terms and conditions as specified by Facebook or the relevant rights  holder apply. In addition, Facebook processes the information you provide in accordance with the  applicable Facebook privacy policy. Facebook may publish statistics or excerpts about users’ “Like”  activities or share them with other users or partners. 

You can find an overview of Facebook plugins here: 

http://developers.facebook.com/docs/plugins/. Further information on this can be found in  Facebook’s privacy policy at http://de-de.facebook.com/policy.php. If you want to prevent the use,  collection, or processing of your user data, please log out of your account before visiting the  website. 

Pixel-sized files, known as pixels (also called Facebook pixels or tracking pixels), can be set via  Facebook. When you visit the website, this pixel is also retrieved from the Facebook server. First,  technical information such as browser, operating system, IP address, and access data (date, time,  geographical information) is retrieved. Among other things, this serves to improve this website and  the user interface. This also includes click and surfing behavior, i.e., when which pages are opened  for how long and what was particularly interesting on these pages, e.g., how long the scroll wheel  did not move. Technically, this behavior can be assigned to individual users, but

it is neither our intention nor that of Facebook to observe individual users, but rather to create a  better user interface based on general behavior. 

11.1.2 WhatsApp 

The operator is WhatsApp Inc., c/o Facebook Inc., 1601 Willow Rd, Menlo Park, CA 94025, USA.  The provisions of this privacy policy regarding data processing and transmission apply. 

The provider may use WhatsApp functions, including chat and video calls. These refer to video  and audio recordings via telecommunications technologies that enable simultaneous conversations.  When using these functions, data is sent to the operator. The provider does not receive any user  data or other evaluations from the operator. 

Further information can be found in the privacy policy at https://www.whatsapp.com/legal/ 

11.1.3 Use of Instagram 

Instagram is an online platform operated by the US company Instagram LLC, 1601 Willow Road,  Menlo Park, CA 94025, United States. The provisions of this privacy policy regarding data  processing and transmission apply. 

This offer may use Instagram functions. This links the pages you visit to your Instagram account.  Other Instagram users will be informed of this and your posts may be publicly visible if you have  not set them to private. When using this service, data is sent to Instagram. The provider does not  receive any user data or other evaluations from Instagram. 

For more information, please refer to the Instagram privacy policy at 

https://help.instagram.com/519522125107875 or 

https://www.facebook.com/help/contact/540977946302970 and your privacy settings at https://www.instagram.com/accounts/privacy_and_security/. 

11.2 Use of Google 

This offer may use Google functions. The operator is Google Inc., 1600 Amphitheatre Parkway,  Mountain View, CA 94043, United States. Google Ireland Ltd, Gordon House, Barrow Street,  Dublin 4, Ireland, is responsible for Europe. Both companies belong to Alphabet Inc., 1600  Amphitheatre Parkway, Mountain View, CA 94043, United States. The provisions of this privacy  policy apply to data processing and transmission. 

11.2.1 Use of Google Analytics 

Google Analytics is a service for analyzing web content. For this purpose, cookies are set, i.e., text  files are stored at least temporarily on your computer to enable an analysis of the use of a website.  The cookie collects information that is stored by Google in Ireland or the United States.

You can object to the storage of cookies. To do this, there are corresponding settings in your  browser software (e.g., in the Firefox browser under “Tools” -> “Settings” -> “Privacy & Security”  -> “History”). Please note that the website may no longer function properly if cookies are  deactivated. Furthermore, you can find a browser plugin that you can download and install to  prevent the use of cookies via the following link: http://tools.google.com/dlpage/gaoptout?hl=de. 

11.2.2 Anonymization 

Google services generally work with IP addresses. This service anonymizes IP addresses that access  this telemedia. Within the territory of the member states of the European Union and other signatory  states to the Agreement on the European Economic Area, IP addresses are truncated before being  transmitted to Google. For this purpose, a supplementary line of code 

“ga(‘set’, ‘anonymizeIp’, true);” is added to the Google Analytics tracking code. Only in exceptional  cases is the full IP address transmitted to Google in the USA, but it is then also truncated there. 

If this is not technically possible, please notify us so that the provider can make corrections as soon  as possible. 

11.2.3 Use of Google AdSense 

This offer may use functions of Google AdSense, a service for integrating advertisements from  Google Inc. (“Google”). Google AdSense uses “cookies,” text files that are stored on your computer  and enable an analysis of your use of the website. Google AdSense also uses so-called web beacons  (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic  on these pages. The information generated by cookies and web beacons about your use of this  website (including your IP address) and the delivery of advertising formats is transmitted to a  Google server in the USA and stored there. This information may be passed on by Google to  Google’s contractual partners. However, Google will not merge your IP address with other data  stored about you. You can prevent the installation of cookies by adjusting your browser software  settings accordingly; however, we would like to point out that in this case you may not be able to  use all the functions of this website to their full extent. By using this website, you consent to the  processing of data about you by Google in the manner and for the purposes set out above. You can  change your preferred settings via https://www.google.com/ads/preferences, log out of your Google  account to use this website more anonymously, or switch to a browser other than your current one  for the duration of use. 

Google AdSense works with various third-party partners for this purpose, including those listed on  this website: 

• Elements of the service OpenX Technologies Inc., 888 East Walnut Street, 2nd Fl,  91101 Pasadena/CA, United States of America. Further information can be found here: https://openx.com/legal/privacy-policy/.
• Elements of the Datalogix service from Oracle Corporation, 7700 Technology Way,  Denver, CO, 80237, United States of America. Further information can be found here: https://www.datalogix.com/privacy/ 
• Elements of the Aggregate Knowledge service from Neustar, Inc., 46000 Center Oak Plaza,  Sterling, VA, 20166, United States of America. Further information can be found here: https://www.neustar.biz/privacy/privacy_policy 
• Elements of the Double Verify service from DoubleVerify, Inc., 575 8th Avenue, 8th  Floor, New York, NY, 10018, United States of America. Further information can be  found here: http://www.doubleverify.com/privacy/ 

11.2.4 Use of Google Fonts 

This website may use external fonts, known as “Google Fonts” (for more information,  visitwww.google.com/webfonts ). This Google service integrates fonts (also known as typefaces)  from external sources, including Google servers in the United States. This transmits information  about when and where this website is used. 

Further information can be found at https://developers.google.com/fonts/faq?hl=de-DE&csw=1 

11.2.5 Use of Google reCAPTCHA 

This service may use reCAPTCHA functions; this procedure is intended to additionally authenticate  contact forms in order to distinguish organic persons from machine or automated systems (“I am not  a robot”). This serves to combat spam. 

This is made possible by the reCAPTCHA service, a subsidiary of Google. To submit a web form,  certain image combinations are requested and compared with an existing database. Information  such as IP address, location, and code entry is collected, used, and processed by the reCAPTCHA  service as part of the authentication process. The results are also used (as far as known) in  anonymized form to optimize other services such as Google Street View or Google Maps. 

However, if IP anonymization is active on this offer, your IP address will be truncated by  Google within the European Union or in other signatory states to the Agreement on the  European Economic Area. Only in special or exceptional cases will the unshortened IP address  be transferred to a server in the United States and then shortened there. On behalf of the provider  of this website, Google evaluates your use of the reCAPTCHA service, but does not combine  data such as the IP address transmitted by your browser with other data from Google. 

Further information about the service can be found here: 

https://www.google.com/recaptcha/intro/invisible.html and Google’s privacy policy here: https://www.google.com/intl/de/policies/privacy/. 

11.2.6 Google Tag Manager 

This offer may use elements of the Google Tag Manager service, which is operated by Google.  Google Tag Manager is part of the Google Display Network, a collection of millions of websites  and mobile applications based on display advertising, including many Google services such as  YouTube. Google also operates the DoubleClick digital advertising platform: the ad technology  foundation for creating, trading, and managing digital advertising for buyers, creators, and

sellers. The DoubleClick platform includes DoubleClick Advertising Exchange and DoubleClick  Bid Manager. Further information can be found here: 

https://www.google.com/intl/de/tagmanager/use-policy.html 

11.3 Use of Gravatar 

This offer may use elements and user images (so-called “avatars”) from the Gravatar service,  operated by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110-4929, United States  of America. The provisions of this privacy policy regarding data processing and transmission  apply. 

The email address provided in a comment is processed by Gravatar to display a user image  associated with that email address. The email address is transmitted in encrypted form to Gravatar  servers. Your IP address is stored when the images are displayed. 

Gravatar assures that it will never rent, sell, otherwise disclose, or publish the email address.  Further information can be found here: https://de.gravatar.com/site/privacy 

You can object to the collection of your email address by using a different address in the  comments for which no Gravatar image is stored. 

11.4 Use of X (formerly Twitter) 

X (formerly Twitter) is a microblogging service provided by the US company X Corp., Suite 900,  1355 Market Street, San Francisco, California, 94103, United States. The provisions of this  privacy policy regarding data processing and transmission apply. 

This service may use Twitter functions, including the repost function (formerly “Re-Tweet”). This links the pages you visit to your Twitter account. Other users are informed of  this and your posts (known as “tweets”) are publicly visible unless you have set them to private.  When you use this feature, data is sent to Twitter. 

The provider does not receive any user data or other evaluations from Twitter. 

Further information can be found in the privacy policy at https://x.com/privacy and in your privacy  settings at https://x.com/account/settings. 

11.5 Use of a newsletter 

This offer provides newsletters to inform users about its own offerings. After giving their consent,  users generally receive a monthly newsletter by email with current topics from net culture, social  media, online business, PR, and related topics. Examples of this can be viewed here in the June  2017 issue and the February 2019 issue. 

To receive the newsletter, users will receive a confirmation email at a previously specified email  address. The information provided allows verification of the identity of the owner or authorized  representative of the email address provided. As a rule, no further data is collected. The data  provided is used only for sending the newsletter and is not passed on to third parties or used or  processed in any other way. When users register for the newsletter, the provider automatically  stores the IP address and the

registration date automatically in order to have proof of the process in the event of misuse of the  user’s email address. Users can object to receiving the newsletter at any time by using the  unsubscribe link provided in each newsletter, other specified contact options, or the reply function  of the email. 

11.5.1 The Newsletter Plugin 

“The Newsletter Plugin” is a WordPress newsletter plugin developed by the Italian company Web  Agile S.a.s. di Fietta Roberto, based in Mussolente (VI), via Trieste 8, P., Italy (VAT  03809490240). The provisions of the General Data Protection Regulation apply. 

This offer may use functions of “The Newsletter Plugin,” including analysis of newsletter  campaigns. When an email sent with the plugin is opened, a file contained in the email, known as  a web beacon, connects to the servers of “Newsletter.” 

This allows the provider to determine whether a newsletter message has been opened and which  links have been clicked, as well as to collect technical information such as the time of retrieval,  the IP address, the browser type, and the operating system. This information cannot be linked to  

the respective newsletter recipient and is used solely for the statistical evaluation of newsletter  campaigns. The results of this analysis can be used to better tailor future newsletters to the  interests of the recipients. 

If you do not want this data to be evaluated, you must unsubscribe from the newsletter. A link for  this purpose is provided in every newsletter message. 

Further information can be found at the provider’s website: 

https://www.thenewsletterplugin.com/documentation/gdpr-compliancy 

11.5.2 Mailchimp 

Newsletters may be sent via “MailChimp,” a newsletter service provided by the US company  Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, United  States of America. The provisions of this privacy policy regarding data processing and  transmission apply. 

Information is stored on MailChimp’s servers in the USA, including the email addresses of the  newsletter recipients of this offer and other data mentioned and described here. This data will  contain information for sending the newsletter on behalf of the provider and evaluating the dispatch.  MailChimp may also use this data to improve its own services, for example, to resolve technical  issues or conduct market research (e.g., using the geolocation information sent via the IP address  about the origin and operating system of the newsletter recipients). However, MailChimp assures  that no recipient data will be used for any purpose other than to fulfill the provider’s order. 

The provider relies in good faith on the information provided by MailChimp, according to which  the company is obliged to comply with EU data protection regulations; for further information, see  here: https://mailchimp.com/de/gdpr/ 

MailChimp was commissioned to collect, use, and process personal data on the basis of legitimate  interests. For this purpose, a data processing agreement was concluded.

concluded, in which MailChimp undertakes to protect user data, to process data only on behalf of  the provider, and never to pass it on to third parties. 

Tracking pixels (also known as web beacons, analytics codes, etc.) are used in the newsletter. These  are pixel-sized invisible files that are retrieved from MailChimp’s US servers when the newsletter is  accessed. This retrieves information such as your IP address, which allows access to geographical  location, the browser used for viewing, the operating system, and other information that is  transmitted by default via the IP address. This information is retrieved on the basis of legitimate  interests in order to improve the service, resolve technical difficulties, or allow statistical analysis  for the purposes of corporate market research. 

The statistical information collected includes whether the email was received at all, whether, when,  and how often it was opened, whether and which links in the email were clicked, and whether  further actions were taken, such as filling out a form within a specific link. Technically, these  actions can be assigned to individual newsletter recipients. However, both the provider and  MailChimp assure that this is only for the purpose of improving the service. 

In some cases, links may redirect you to MailChimp websites, e.g. for an HTML version of the  newsletter. Further information and MailChimp’s privacy policy can be found here: https://mailchimp.com/legal/privacy 

Please note: If you click on the link above, you will be redirected to a MailChimp website. Cookies  and statistics providers such as Google Analytics collect personal data about you there. 

11.6 Use of rich media content 

Image, moving image, and audio files such as videos or MP3 files are considered “rich media.” On  the pages of this website, you will find download options, e.g., for a podcast. If you click on the  play or download button, the relevant file will be downloaded to your computer, at least  temporarily, and dedicated playback software (e.g., MP3 player software) will be accessed. The  same technical principles apply here as for data access in general. 

If you want to avoid your personal data being collected, do not play or download any of the formats. 

11.7 Use of Disqus 

This offer may use elements from Disqus, Inc., 301 Howard St, Floor 3 San Francisco, California  94105, United States. The provisions of this privacy policy apply to data processing and  transmission. 

Disqus is a comment management system that you can use anonymously or with a user account.  Without registration, Disqus collects your IP address and associated data such as geolocation  information, timestamp, country of origin, operating system, etc. You can also create a user account  via an email address or a social login procedure, e.g., via Google+, Facebook, or Twitter. You can  find more information about social login here: https://en.wikipedia.org/wiki/Social_login

The provider receives information from Disqus that is used solely for the purpose of establishing  contact and does not constitute the collection, use, or processing of personal data. You can find  more information in the Disqus privacy policy: 

http://help.disqus.com/customer/portal/articles/466259-privacy-policy 

11.8 Use of SumoMe 

The provider may use SumoMe functions. The operator is Sumo Group Inc., 1305 E. 6th St 3,  Austin, TX 78702, United States of America. The provisions of this privacy policy regarding data  processing and transmission apply. 

SumoMe uses cookies, which are covered in a separate section of this privacy policy. By using  cookies, SumoMe accesses, among other things, the IP addresses of website visitors, records  their clicking and scrolling behavior, and records entries in forms, e.g., for a newsletter. This  personal data is collected, used, and processed, and temporarily stored on Sumo Group Inc.  servers. Due to national or international legal regulations, Sumo Group Inc. may transfer this  information to third parties, where further processing of the data may take place. 

You can object to the collection, recording, and forwarding of your personal data in accordance  with the GDPR by using anonymization software (e.g., “TOR Browser”) or by deactivating the  execution of JavaScript in your browser (using software such as “NoScript” or “Ghostery”). Further information on data protection when using SumoMe can be found at the  following link: http://www.appsumo.com/privacy/. 

11.9 Use of Apple 

The provider may use Apple functions, e.g., links to iTunes, Apple Podcasts, and the Apple Inc.  App Store for iPhone and iPad. The operator is Apple Inc., located at 1 Infinite Loop, Cupertino,  CA 95014, USA (hereinafter referred to as “Apple”). The provisions of this privacy policy  regarding data processing and transmission apply. 

For more information on data use, please refer to Apple’s privacy policy at http://www.apple.com/de/privacy/privacy-policy/. 

11.10 Use of Zoom 

The provider may use Zoom functions, including the video call function. The operator is Zoom  Video Communications Inc., 55 Almaden Blvd 6th Floor, San Jose, CA 95113, USA. The  provisions of this privacy policy regarding data processing and transmission apply. 

This refers to video and audio recordings via telephone technologies that enable simultaneous  conversation. When using this service, data is sent to the operator. The provider does not receive  any user data or other evaluations from the operator. Further information can be found in the  privacy policy at https://explore.zoom.us/de/trust/legal-compliance/, 

https://explore.zoom.us/de/gdpr/, or https://explore.zoom.us/docs/de-de/privacy.html.

11.11Use of collect.chat 

The provider may use functions of collect.chat. The operator is Collect.chat Inc., 2035 Sunset Lake  Road, Suite B-2 Newark, 19702 Delaware, United States of America. The provisions of this privacy  policy regarding data processing and transmission apply. 

When using the chatbot, a connection is established to Collect.chat servers. The company  guarantees that no personal data will be used for purposes other than those specified in the privacy  policy and terms and conditions; the servers are located in Ireland and are operated by the processor  Amazon Web Services, which complies with the provisions of the Privacy Shield Agreement. 

For more information on data use, please refer to Collect.chat’s privacy policy at https://collect.chat/privacy/ and the terms and conditions at https://collect.chat/terms/. 

11.12 Use of Amazon 

The provider may use Amazon functions, e.g., services linked to this offer such as Amazon Alexa  Skills or Flash Briefings for Amazon Alexa. Amazon Alexa is the name for a smart speaker or  digital personal voice assistant (also known as a voice assistant). The operator is Amazon Media EU  S.à r.l. (Société à responsabilité limitée), 38 avenue John F. Kennedy, L-1855 Luxembourg. The  provisions of this privacy policy apply to data processing and transmission. 

When using the Flash Briefing feature, an RSS feed from the source domain is accessed to extract  text or audio content and output it via the Amazon Alexa assistant. These services can generally be  used for Amazon Alexa without providing any personal data. Amazon Alexa and related services  are operated by the Amazon Web Services (AWS) infrastructure. The service does not need to be  continuously active, but is only activated by Amazon when it is used. These services usually  require a product (e.g., smart speaker) or service (e.g., app) operated by Amazon, which means that  a legally valid contract is entered into with Amazon. Please refer to Amazon’s privacy policy for  more information: https://www.amazon.de/gp/help/customer/display.html?nodeId=3312401/.  When using our digital offering Alexa Flash Briefing “Onlinegeister,” no personal data is  collected, processed, or stored by the provider. As communicated by Amazon, each call is made  without contextualization with previous calls. 

11.13 Use of “Prosodia VGW OS” from VG Wort 

The provider may use functions of Prosodia VG Wort. The operator is Verwertungsgesellschaft  WORT (VG WORT), a legally competent association by virtue of conferral, Untere Weidenstraße  5, 81543 Munich, Germany. The provisions of this privacy policy regarding data processing and  transmission apply. 

This uses “session cookies” from VG Wort, Munich, to measure access to texts in order to record  the probability of copying. Session cookies are small pieces of information that a provider stores in  the visitor’s computer’s working memory. A randomly generated unique identification number,  known as a

session ID. A cookie also contains information about its origin and storage period. Session cookies  cannot store any other data. These measurements are carried out by INFOnline GmbH using the  Scalable Central Measurement Method (SZM). They help to determine the probability of  individual texts being copied for the remuneration of legal claims by authors and publishers. No  personal data is collected via cookies. 

Many of the pages contain JavaScript calls that report access to the Verwertungsgesellschaft Wort  (VG Wort) collecting society. This enables authors to participate in the distributions of VG Wort,  which ensures the statutory remuneration for the use of copyright-protected works in accordance  with Section 53 of the German Copyright Act (UrhG). 

It is also possible to use the services without cookies. Most browsers are set to automatically accept  cookies. However, you can deactivate the storage of cookies or set your browser to notify you as  soon as cookies are sent. 

The websites and mobile web offerings use the “Scalable Central Measurement Method” (SZM)  from INFOnline GmbH (https://www.infonline.de) to determine statistical values for determining  the probability of texts being copied. Anonymous measurements are collected in this process. To  recognize computer systems, the access measurement alternatively uses a session cookie or a  signature created from various automatically transmitted information from your browser. IP  addresses are only processed in anonymized form. The procedure was developed in compliance  with data protection regulations. The sole purpose of the procedure is to determine the probability  of individual texts being copied. Individual users are not identified at any time. Your identity  always remains protected. You will not receive any advertising via the system. 

VG Wort states that both the tracking pixel and the cookie set by it are harmless, as the pages are  accessed anonymously. VG Wort commented on the data protection compliance of its applications  in a press release, available here: 

https://www.vgwort.de/fileadmin/pdf/pressemitteilungen/PM_Datenschutz_METIS_051213_.pdf 

11.14 Use of LinkedIn 

The provider may use LinkedIn features. The operator is LinkedIn Inc., 1000 W Maude Ave,  Sunnyvale, CA 94085, United States. LinkedIn Ireland Unlimited Company, Wilton Place, Dublin  2, Ireland, is responsible for Europe. LinkedIn is a subsidiary of Microsoft Corporation, One  Microsoft Way, Redmond, WA 98052-6399, USA. The provisions of this privacy policy apply to  data processing and transmission. 

This links the pages you visit to your LinkedIn account. Other LinkedIn users will be informed of  this and your posts will be publicly visible unless you have set them to private. When you use the  service, data is sent to LinkedIn. The provider does not receive any user data or other evaluations  from LinkedIn. 

Further information can be found in the LinkedIn privacy policy at 

https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv or https://www.microsoft.com/de de/rechtliche-hinweise/nutzungsbedingungen

11.15 Use of Xing 

The provider may use functions of Xing (or XING). The operator is New Work SE, Dammtorstraße  30, 20354 Hamburg, Germany. The provisions of this privacy policy regarding data processing and  transmission apply. 

This links the pages you visit to your Xing account. Other Xing users are informed of this and your  posts are publicly visible unless you have set them to private. When using this service, data is sent  to Xing. The provider does not receive any user data or other evaluations from Xing. 

For more information, please refer to the Xing privacy policy at 

https://privacy.xing.com/de/datenschutzerklaerung or https://privacy.xing.com/de and your privacy  settings at https://www.xing.com/settings/privacy. 

11.16 Use of Microsoft 

The operator is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, or  Microsoft Ireland Operations Ltd., One Microsoft Place, South County Business Park,  Leopardstown, Dublin 18, Ireland. The provisions of this privacy policy regarding data processing  and transmission apply. 

The provider may use functions of Microsoft services, including the Microsoft Teams function  (this refers to video and audio recordings via telephone technologies that enable simultaneous  conversation). When using this function, data is sent to the operator. The provider does not receive  any user data or other evaluations from the operator. The use of other functions of other services  provided by the operator is also possible. 

Further information can be found in the privacy policy at https://www.microsoft.com/de de/rechtliche-hinweise/nutzungsbedingungen 

11.17 Use of Ionos 

The operator is IONOS SE, for users from Germany: IONOS SE, Elgendorfer Str. 57, 56410  Montabaur; for users from Austria: Mail Boxes Etc. AT0051, IONOS SE, Gumpendorfer Straße,  142/PF 266, 1060 Vienna. The provisions of this privacy policy apply to data processing and  transmission. 

The provider may use functions of Ionos services. When using these functions, data is sent to the  operator. The provider does not receive any user data or other evaluations from the operator. 

Further information can be found in the privacy policy at https://www.ionos.de/terms-gtc/terms privacy?linkId=ft.nav.privacypolicy 

11.18 Use of Meet.jit.si 

The operator is 8×8 Inc., 1-888-593-1560, Global Headquarters, 675 Creekside Way, Campbell,  CA 95008, USA. The provisions of Section 9 of this privacy policy regarding data processing  and transmission apply.

The provider uses functions from Meet.jit.si, including the video call function. This refers to video  and audio recordings via telecommunications technologies that enable simultaneous conversation.  When using this function, data is sent to the operator. The provider does not receive any user data or  other evaluations from the operator. 

Further information can be found in the privacy policy at https://jitsi.org/meet-jit-si-privacy/ 

11.19Affiliate services (Amazon, eBay, Zanox, Apple Music, Apple  Podcasts, Blubrry) 

We participate in the Amazon EU / eBay Partner Program / Zanox.com Partner Program / Apple  Partner Program / Blubrry Partner Program, which was designed to provide a medium for websites  to earn advertising fees by placing advertisements and links to Amazon.de / ebay.de / advertising  partners of the affiliate platform Zanox.com / Apple Partner Program / Blubrry Partner Program.  These services use cookies to track the origin of orders. Among other things, this allows them to  recognize that you clicked on the affiliate link on this website. The provisions of Section 10 of this  Privacy Policy regarding data processing and transmission apply. 

For more information on how Amazon uses data, please refer to the company’s privacy policy: http://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?  

ie=UTF8&nodeId=3312401 

For more information on eBay’s use of data, please refer to the company’s privacy policy: http://pages.ebay.de/help/policies/privacy-policy.html 

For more information on data use by Zanox, please refer to the company’s privacy policy: http://www.zanox.com/de/ueber-zanox/datenschutz/ 

For more information about Apple’s use of data, please see the company’s privacy policy: http://www.apple.com/legal/privacy/de-ww/ 

For more information on data use by Blubrry, please refer to the company’s privacy policy: https://create.blubrry.com/resources/about-blubrry/privacy-policy/ 

11.20 Integration of Pinterest and Pinterest Tags 

The operator for the European region is Pinterest Inc., 651 Brannan St #310, San Francisco, CA  94107, United States. The provisions of this privacy policy apply to data processing and  transmission. 

The provider may use functions of Pinterest services, including the Pinterest Tag function for  analyzing web content. For this purpose, cookies are set, i.e., text files are stored at least  temporarily on your computer to enable an analysis of the use of a website. The cookie collects  information that is stored by Pinterest in Ireland, the United States, and possibly other locations.  The provisions of this privacy policy regarding data processing and transmission apply. 

Enhanced Match has been activated for Pinterest Tag. This uses encrypted information that  customers have already provided to the provider. In this way, Pinterest assigns

The provider assigns conversions to individual users on Pinterest. Possible information  includes: email address, first and last name, telephone number, gender, date of birth, city,  state, postal code, and country. 

For more information, please refer to the privacy policy at 

https://policy.pinterest.com/de/privacy-policy-2016 

11.21 Integration of TikTok and TikTok Pixel 

The operator for the European region is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin,  D02 T380, Ireland, or TikTok Inc., 5800 Bristol Pkwy Culver City, CA 90230, or, as the majority  owner, ByteDance Ltd., 1199 Coleman Ave, San Jose, CA 95110, United States, or ByteDance  Technology Co Ltd., Room 10A, Building 2, No. 48, Zhichun Road, Beijing, Beijing, 100098 (北京 字節跳動科技有限公司). The provisions of this privacy policy regarding data processing and  transmission apply. 

The provider may use functions of TikTok services, including the TikTok pixel function for  analyzing web content. For this purpose, cookies are set, i.e., text files are stored on your computer  at least temporarily to enable an analysis of the use of a website. The cookie collects information  that is stored by TikTok in Ireland, the United States, and possibly other locations. The provisions  of this privacy policy regarding data processing and transmission apply. 

Further information can be found in the privacy policy at 

https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE 

11.22 Integration of Certificate24 

The operator is Struktur AG, Hauptmannsreute 44A, 70192 Stuttgart, Germany, Stuttgart Local  Court HRB 21388, VAT ID: DE813068104. The provisions of this privacy policy regarding data  processing and transmission apply. 

The provider may use Certificate24 functions, including the function for digitally signing online  documents, specifically the software at apps.nextcloud.com/apps/certificate24. For this purpose, the  provider creates an account with the operator, through which the provider’s customers can use the  above-mentioned functions. Cookies are set for this purpose. 

i.e. text files are stored on your computer at least temporarily in order to be able to offer the above mentioned function. Certificate24. The provisions of this privacy policy regarding data processing  and transmission apply. 

Further information can be found in the privacy policy at https://www.certificate24.com/#/privacy 

11.23 Integration of OnlyOffice 

The operator is Ascensio System SIA, 20A-6 Ernesta Birznieka-Upish Str., Riga, Latvia, EU, LV 1050, or, as a holding company, Onlyoffice Capital Group Pte. Ltd, 68 Circular Road #02-01,  Singapore, Singapore, 049422. The provisions of this privacy policy apply to data processing and  transmission.

The provider may use OnlyOffice functions, including applications for creating, editing, storing,  etc. text documents, spreadsheets, and presentation files, specifically the software  atwww.onlyoffice.com/office-for-nextcloud.aspx . For this purpose, the provider creates an  interface to the operator, through which the provider’s customers can use the above-mentioned  functions. Cookies are set for this purpose, i.e., text files are stored on your computer at least  temporarily in order to offer the above-mentioned function. Certificate24 is stored. The provisions  of this privacy policy regarding data processing and transmission apply. 

Further information can be found in the privacy policy at https://www.certificate24.com/#/privacy 

11.24 Integration of additional services and content from other  third parties (YouTube, Google Maps, etc.) 

Additional third-party content may appear in this offering, e.g., YouTube or Google Maps  embeds, hotlinked graphics, or other content. The provisions governing data transfers within and  outside the European Union and secure third-party locations as agreed in this privacy policy  regarding data processing and transfer apply. 

In the case of third-party services, website visitor data such as IP addresses is collected in order to  perform the respective technical function (e.g., playing a video or displaying map material). The  provider affirms that it uses only content from providers that are reputable at the time of entering  into the contract and have been checked by the provider. However, it may happen that third parties  also collect additional data. This also applies if third-party services represented here change their  privacy policies, terms and conditions, or other guidelines to the detriment of this offer or your  user data. Unfortunately, we cannot regularly check all third-party partners and are therefore  dependent on your cooperation and grateful for it. As soon as we become aware of this, we will  take immediate corrective action. 

12. Provider platforms 

The provider provides web-based software under this domain and all other associated domains or  subdomains, which have the features described under the tail URL /pricing or on the description  pages of the respective offers (e.g., for CAMPUS) at the time of the respective conclusion of the  contract. 

Only offers actively available on the website are binding; currently, these include in particular: 

• Homeoffice Cloud CAMPUS, based on the open source software Nextcloud and its apps  such as Talk or Cospend. When using this service, access data is automatically stored on  the provider’s server (specifically IP address, login, login duration, subpages visited). The  provider itself does not have root access and only has access to the following user data:  user name, display name, email address, last login, currently used storage quota, and total  storage quota. This information is automatically logged and deleted after two weeks. When  using CAMPUS, no data is passed on to third parties

. The provider uses a German contract processor who provides the server and has indirect  root access (login is via SSH key exchange, which is currently one of the most secure login  methods). An additional TURN server is used for the Talk sub-service, which in this  context is equivalent to a P2P connection. The source code is publicly available; an  overview can be found at the tail URL /campus/github. 

• TALK+, the application is based on the BigBlueButton software, which is available as open  source. A TURN server is used during operation, which in this context is equivalent to a P2P  connection. With transport or end-to-end encryption, the data to be transported is encrypted,  but is accessible to the provider and its processors, which is, however, unavoidable for the  technical provision of the service and is therefore in the legitimate interest of both the  provider, the processor, and the contracting party defined as the customer in the terms and  conditions, and is thus accepted or tolerated by all. All logs on the server are set exclusively  to the “ERROR” level or completely deactivated, so that no user data appears or is stored in  the server logs. The same applies to the software used, which is also set up in such a way  that no user data is stored. The only user data stored on the server is that of registered users,  which is completely deleted from the server as soon as it is deleted in the web interface. For  conference recordings, user data is recorded and stored on the server (username, image and  audio contributions), which remains on the server until it is deleted by the recorder or  administrator. The source code is publicly available at github.com/bigbluebutton. 
• MEDIA OR MEDIA LIBRARY, based on the open source software WordPress and  plugins such as WooCommerce. When used, access data is automatically stored on the  provider’s server (specifically IP address, login, login duration, subpages visited). The  provider itself does not have root access and only has access to the following user data: user  name, display name, email address, last login, current subscriptions or purchases, and other  information provided. This information is automatically logged and, in some cases, deleted  after two weeks; other data is stored for up to 10 years for tax law reasons. When using  MEDIA, no data is passed on to third parties, except in the case of product purchases, where  it may be passed on to payment service providers such as PayPal. The provider uses a  processor who provides the server and has indirect root access (login is via SSH key  exchange, which is currently one of the most secure login methods). The source code is  publicly available at github.com/WordPress/WordPress,  

github.com/woocommerce/woocommerce, github.com/wp-plugins/wordfence,  github.com/wpovernight/woocommerce-pdf-invoices-packing-slips,  

github.com/mathews5/woocommerce-pay-per-post, and  

github.com/vendidero/woocommerce-germanized 

Due to data protection regulations, the provider does not actively monitor the data stored on the  servers, but may do so if notified by authorities, public institutions, or third parties with a legitimate  interest.

This will generally be communicated to the customer, unless prevented by criminal or other  regulations or laws. In individual cases, the applicable law shall apply. 

13. Supervisory authority 

The competent supervisory authority for the provider in terms of data protection is: 

State Commissioner for Data Protection Saxony-Anhalt 

Office and visitor address: Leiterstraße 9, 39104 Magdeburg Postal address: P.O.  Box 1947, 39009 Magdeburg 

poststelle(at)lfd.sachsen-anhalt.de.  

Telephone: 0391 81803-0 

Fax: 0391 81803-33 

Further information can be found at https://datenschutz.sachsen-anhalt.de 

For further information: This privacy policy was created by Datenschutz-ePrivacy.de. This does not constitute legal advice. (As of January 19, 2026)