Privacy Policy

This section provides information on which personal data we process, for what purpose, on what basis, and for how long.

Overview/Table of Contents

Our Privacy Policy provides the following information:

A. Our Contact Details and General Information on Our Data Processing

  • Name and contact details of the controller
  • Contact details of the data protection officer
  • Legal basis for processing personal data
  • Data erasure and storage duration
  • Source of the personal data
  • Specific categories, purposes, and legal basis for processing personal data
  • Recipients/categories of recipients of personal data
  • Data processing in connection with newsletters

B. Scope of the Processing of Personal Data via Our Website

  • Provision of the website and creation of log files
  • Transmission of data to payment service providers on crossMarket
  • Registration on/login to crossMarket.net
  • Contact forms and contact by e-mail
  • Use of cookies
  • Use of the analysis tool Google Analytics
  • Use of Google Maps
  • Use of the Facebook "Like" plugin
  • Use of the Twitter "Tweet" button
  • Use of the Google+ "+1" button
  • Use of the XING "Share" button
  • Use of the LinkedIn "Share" button
  • Encryption of the website
  • Transmission of personal data to non-EU countries

C. Your Rights as a Data Subject

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to object in the case of processing due to legitimate interests
  • Right to object if consent has been granted
  • Right to restriction of processing
  • Right to notification
  • Right to data portability
  • Right to object in the case of processing due to legitimate interests
  • Right to object if consent has been granted
  • Automated decision-making including profiling
  • Freedom of provision of data
  • Right to lodge a complaint with a supervisory authority

A. Our Contact Details and General Information on Our Data Processing

Name and Contact Details of the Controller

Controller responsible for the collection and use of personal data in the meaning of data protection law:

Across Systems GmbH

Im Stoeckmaedle 13

76307 Karlsbad
Germany

Represented by Mr. Gerd Janiszewski, CEO

Tel: +49 (0) 7248 925 425
Fax: +49 (0) 7248 925 444
E-mail: webmaster@across.net
Website: www.across.net

Further information on our company is available in the legal notice of our website at https://www.across.net/en/legal-notice/.

Contact Details of the Controller's Data Protection Officer

Contact details of our data protection officer:

Mr. Aymen Arfaoui
Across Systems GmbH
Im Stoeckmaedle 13
76307 Karlsbad
Germany

Telephone: +49 (0) 7248 9254 27
E-mail: datenschutz@across.net

Legal Basis for Processing Personal Data

Generally, the following applies to the processing of personal data by us:

  • Where we obtain your consent for processing personal data, point (a) of Art. 6 (1) of the General Data Protection Regulation (GDPR) serves as the legal basis for processing personal data.
  • Where personal data need to be processed for the performance of a contract with you, point (b) of Art. 6 (1) GDPR serves as the legal basis. The same also applies if the processing is required in order to take steps prior to entering into a contract.
  • Where personal data need to be processed to comply with a legal obligation to which we are subject, point (c) of Art. 6 (1) GDPR serves as the legal basis.
  • Where personal data need to be processed in order to protect your vital interests or those of another natural person, point (d) of Art. 6 (1) GDPR serves as the legal basis.
  • If the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms, point (f) of Art. 6 (1) GDPR serves as the legal basis for the processing.

Data Erasure and Storage Duration

We generally erase or block the personal data as soon as the purpose of the storage no longer applies. Moreover, data may be stored if provided for by the European or national legislator in regulations under Union law, laws, or other provisions that we as the controller are subject to. The data will also be blocked if a storage period specified in the said standards ends, unless the data need to continue to be stored for the conclusion or performance of a contract.

In practice, this means:

Where we process personal data on the basis of consent given to the processing of data (point (a) of Art. 6 (1) of the General Data Protection Regulation (GDPR)), the processing will end when you withdraw this consent, unless another legal basis exists for processing the data, which is the case if we, at the time of the withdrawal, are still entitled to process your data for the purpose of the performance of a contract or if the processing of data is required in order to protect our legitimate interests (see below).

Where we, by way of exception, process the data on the basis of our legitimate interests (point (f) of Art. 6 (1) GDPR) according to the previous balancing of interests, we will store these until the legitimate interest no longer exists, the balancing of interests results in a different conclusion, or you effectively object pursuant to Art. 21 GDPR (see highlighted "Note concerning Special Right to Object" under C.).

Where we process the data for the performance of a contract, we will store the data until the contract has been performed and settled and no more claims can be asserted under the contract, i.e. until the end of the limitation period. The general limitation period pursuant to Section 195 of the German Civil Code (BGB) is three (3) years. However, certain claims, such as claims for damages, only expire after 30 years (see Section 197 of the German Civil Code (BGB)). If there is justified reason to assume that this is relevant in the individual case, we will store the personal data for this period. The said limitation periods begin at the end of the year (i.e. on December 31) in which the claim accrues and the creditor learns of the circumstances establishing the claim and of the person of the debtor or should have learned of these if he had not been guilty of gross negligence.

Note: Additionally, we are also subject to statutory retention periods for accounting and tax-related reasons. These require us to retain certain data, which may also include personal data, for a period of six (6) to ten (10) years as accounting evidence. These retention periods have priority over the above-mentioned erasure obligations. The retention periods also begin at the end of the respective year, i.e. on December 31.

Source of the Personal Data

The personal we data we process largely originate directly from the data subjects, e.g. when they

  • transmit information such as the IP address to our web server as users of our website via the web browser and their device (e.g. PC, smartphone, tablet, laptop);
  • request information material or an offer from us (prospective customers);
  • place an order or conclude a contract with us (customers);
  • request information material, press releases, opinions, etc. (press representatives);
  • supply us with goods or perform services etc. for us as agreed (suppliers).

By way of exception, the personal data processed by us may originate from third parties, e.g. when a person acts on behalf of a third party.

Specific Categories, Purposes, and Legal Basis for Processing Personal Data

We process the following categories of personal data:

  • Users of our website
  • Interested persons
  • Press representatives
  • Customers
  • Suppliers, business partners

Depending on the category of data in question, we process personal data for the following purposes and in accordance with the indicated legal basis of the General Data Protection Regulation (GDPR).

User data

Data of users of our website are collected and processed by us on a non-personal basis. We cannot map these data to particular persons. The IP address is only processed in anonymized form. If, by way of exception, personal data should be involved, we process these for the purpose of protecting our legitimate interests on the basis of point (f) of Art. 6 (1) GDPR. Our legitimate interests in this meaning are our interest in the security and integrity of our website and of the data on our web server (especially malfunction and error detection as well as tracking of unauthorized access), marketing interests, and interests in statistical surveys (to improve our website, our services, and our offerings). By balancing the various considerations, we have come to the conclusion that the processing of data is necessary to protect the said legitimate interests and are not overridden by your interests or fundamental rights and freedoms, which require the protection of personal data.

Data of potential customers/press representatives

Where we process data of potential customers of our services or press representatives, this is only done where you enter and submit these data to us by way of an input field or by e-mail. You are free to provide this information. We will only process these data for the purpose of handling your inquiry to us. The processing of these data freely submitted to us for the purpose of obtaining information about our services takes place in the form of processing prior to entering into a contract pursuant to point (b) of Art. 6 (1) GDPR and/or on the basis of the consent given by you through the transmission pursuant to point (a) of Art. 6 (1) GDPR.

Customer data

We process our customers' data for contract processing purposes pursuant to point (b) of Art. 6 (1) GDPR and/or on the basis of consent given pursuant to point (a) of Art. 6 (1) GDPR. This also applies if the processing is required in order to take steps prior to entering into a contract (e.g. for the preparation and negotiation of offers).

Data of suppliers/business partners

We process the data of our suppliers and business partners for contract processing purposes pursuant to point (b) of Art. 6 (1) GDPR and/or on the basis of consent given pursuant to point (a) of Art. 6 (1) GDPR. This also applies if the processing is required in order to take steps prior to entering into a contract (e.g. for the preparation and negotiation of offers).

Recipients/Categories of Recipients of Personal Data

Your personal data will only be forwarded or otherwise transmitted to third parties if this is necessary for the performance of the contract (e.g. to manage and supervise your membership or an order) or for billing purposes (e.g. to handle a payment in connection with the purchase of goods or services), if a legitimate interest in the forwarding/transmission exists, and your interests or fundamental rights and freedoms do not override or with your effective prior consent.

Possible categories of recipients:

  • Service providers
  • Delivery service providers, suppliers
  • Payment service providers, banks

Data Processing in Connection with Newsletters

On our website or by sending us a request, you can subscribe to a free newsletter. We only send this newsletter on the basis of the recipients' consent or a statutory permission. If, within the scope of the subscription to the newsletter, its contents are specified in detail, these shall be relevant to the consent given by the users. Apart from this, our newsletters contain information about news, products, events, and subjects related to our business as well as language technology, translation services, and language technologies in general.

The data you enter in the input screen when subscribing to the newsletter are sent to us. These are:

  • E-mail address
  • Your first name and last name

Optionally, you may specify the following:

  • Company
  • Position

Additionally, subscription to the newsletter involves the collection of the following data:

  • IP address of the user
  • Date and time of the registration

The newsletter subscriptions are logged in order to be able to demonstrate the subscription process in accordance with legal requirements. Moreover, the logging serves the prevention of abuse of the services and of the data subject's e-mail address.

The subscription to our newsletter takes place by means of a double opt-in procedure, i.e. upon subscription, you will receive an e-mail requesting you to confirm your subscription. This confirmation is necessary in order to prevent others from subscribing with your e-mail address.

In the course of the subscription process, your consent to the processing of the data will be obtained, and reference will be made to this Privacy Policy.

If you purchase goods or services on our website and enter your e-mail address while doing so, the e-mail address may subsequently be used for the delivery of a newsletter. In such a case, the newsletter will only contain direct advertising for similar goods or services of our company.

The data will not be forwarded to any third parties. However, this does not apply if the data need to be forwarded due to a statutory obligation. The data will be used exclusively for the purpose of delivering the newsletter.

Use of the Delivery Service Provider CleverReach

The newsletters are delivered via CleverReach, a newsletter delivery service provider of CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany.

The e-mail addresses of our newsletter recipients as well as their other data as described herein are stored on the servers of CleverReach. CleverReach uses this information for the delivery and analysis of the newsletters on our behalf. Moreover, CleverReach may use these data for the purpose of optimizing or improving its own services, e.g. for the technical optimization of the transmission and display of the newsletters or to determine which countries the recipients come from. However, CleverReach does not use the data of our newsletter recipients for the purpose of contacting them directly and does not forward these data to any third parties.

You can view the privacy policy of CleverReach here: https://www.cleverreach.com/en/privacy-policy/

CleverReach uses secure data centers that make use of state-of-the-art electronic monitoring and multi-factor access control systems. A TüV-certified information security management system ensures data security and due compliance with data protection. The utilized data centers have submitted to independent certifications and audits. For further information on the data security at the provider CleverReach, see: https://www.cleverreach.com/en/data-security/

We have concluded an outsourced processing agreement with CleverReach. Under this agreement, CleverReach undertakes to protect the data of our users, to process them on our behalf according to its data protection provisions, and especially not to forward them to any third parties.

Statistical Surveys and Analyses

The newsletters contain a so-called "web beacon", i.e. a pixel-size file that is queried by the CleverReach server when the newsletter is opened. Within the scope of this query, technical information such as information about the browser and your system as well as your IP address and the access time, is collected. This information is used for the technical improvement of the services on the basis of the technical data, target groups and their reading behavior, access locations (which can be determined with the help of the IP address), and access times. Statistical surveys also include the determination whether the newsletters have been opened, when they were opened, and which links are clicked. Though it is technically possible to map this information to the individual newsletter recipients, neither we nor CleverReach intends to monitor individual users. Rather, the analyses enable us to understand our users' reading habits and adapt our content to their needs or to send different content depending on our users' fields of interest.

Accessing the website of CleverReach

In certain cases, we redirect the newsletter recipients to the CleverReach website. For example, our newsletters contain a link with which newsletter recipients can retrieve the newsletters online (e.g. if they are not displayed correctly in the e-mail program). Moreover, newsletter recipients can correct their data (e.g. the e-mail address) retroactively.

In this connection, please note that cookies are used on the CleverReach web pages and personal data are thus processed by CleverReach, its partners, and its service providers. This collection of data is beyond our control.

For more information, please refer to the privacy policy of CleverReach: https://www.cleverreach.com/en/privacy-policy/

Purpose of the data processing:

The collection and processing of the user's e-mail address serves the delivery of the newsletter. We use the e-mail address for advertising purposes.

The collection of other personal data in the course of the subscription process serves the prevention of abuse of the services and of the utilized e-mail address.

Legal basis for processing the data:

The legal basis for processing the data following the user's subscription to the newsletter with the user's consent is point (a) of Art. 6 (1) GDPR.

The legal basis for sending the newsletter due to the sale of goods or services is Section 7 (3) of the German Unfair Competition Act (UWG).

The other personal data collected during the subscription process are processed on the basis of legitimate interests pursuant to point (f) of Art. 6 (1) GDPR. In this context, our legitimate interest consists of the prevention of abuse of our services, web server, mail server, and e-mail address. With respect to the disclosure of the first name and last name, our legitimate interest consists of the personalization of the newsletter and the associated possibility of addressing the recipient directly.

Duration of the storage:

The data will be erased as soon as they are no longer needed for the purpose of their collection. Accordingly, the user's e-mail address will be stored for as long as the newsletter subscription remains active.

The other personal data collected during the subscription process are usually deleted after seven days.

Objection and removal:

The user can cancel the newsletter subscription informally and free of charge whenever he wishes. A link for this purpose is provided in every newsletter.

This also enables the withdrawal of the consent to the storage of the personal data collected during the subscription process.

B. Scope of the Processing of Personal Data via Our Website

As a matter of principle, we only collect and use personal data of the users of our website to the extent required for providing an operable website and our content and services. Usually, personal data of our users are collected and used only after the user gives his consent. An exception applies in cases in which, for valid reasons, it is not possible to obtain prior consent and/or the processing of the data is permitted by statutory regulations.

Provision of the Website and Creation of Log Files

When the website is accessed, our system automatically collects data and information for technical reasons. These are saved to the server's log files. These are:

  • Access date and time
  • URL (address) of the referring website
  • Web pages that are accessed by the user's system via our website
  • Screen resolution of the user
  • Requested language
  • Accessed file(s) and message about the success of the access
  • Volume of transmitted data (upload and download)
  • Browser, browser type and browser version, browser engine and engine version
  • Operating system, operating system version, operating system type
  • Anonymized IP address, port, and user's Internet service provider

These data are processed separately from other data. These data are not processed together with other personal data of the user. We cannot map these data to a particular person.

Purposes of the data processing:

The temporary processing of the data by the system is necessary in order to enable delivery of the content of our website to the user's computer. For this, the user's IP address must be stored for the duration of the session.

The objective of the storage in log files is to ensure the operability of the website. Moreover, we use the data to optimize our offering and the website and to ensure the security of our information technology systems. In this connection, the data are not analyzed for any marketing purposes.

Legal basis for processing the data:

The temporary storage of the data and of the log files takes place on the legal basis of point (f) of Art. 6 (1) GDPR. Our overriding legitimate interest in this data processing lies in the above-mentioned purposes.

Duration of the storage:

The data will be erased as soon as they are no longer needed for the purpose of their collection. Where the data are collected to provide the website, this is the case as soon as the respective session ends. Where data are stored in log files, this is the case after no more than seven days. However, the data may continue to be stored. In this case, the IP addresses of the users will be deleted or anonymized so that the requesting client can no longer be mapped.

Objection and removal:

The collection of data to provide the website and the storage of data in log files is necessary for the operation of the website. Accordingly, the user cannot object to this. However, the user can stop using the website, thereby preventing the further collection of the said data.

Transmission of Data to Payment Service Providers on crossMarket

On our website www.crossmarket.net, you can directly initiate a payment process. Depending on the payment service provider that you select in the order process, we will forward the payment data collected for processing payments to the credit institution or the payment service provider selected for handling the payment. In some cases, the selected payment service providers may collect these data directly when you set up an account with them or have already done so. In this case, you must log in to your payment service provider with your login details during the order process. For this, the respective payment service provider's privacy policy applies.

PayPal

In the event of payment via PayPal, credit card via PayPal, direct debit via PayPal, or purchase on account via PayPal, we will forward your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal"), for handling the payment. For the payment methods credit card via PayPal, direct debit via PayPal, or – if offered – purchase on account via PayPal, PayPal reserves the right to perform a credit check. PayPal will use the result of the credit check with respect to the statistical probability of default for the purpose of making a decision concerning the provision of the respective payment method. The credit check may comprise probability values (scores). Any scores included in the result of the credit check are based on a scientifically recognized, mathematical and statistical procedure. Among other things, address data are included in the calculation of the scores. For further information under data protection law, e.g. concerning the credit agencies used, please refer to the privacy policy of PayPal: https://www.paypal.com/en/webapps/mpp/ua/privacy-full

Payplace

If you want to make the payment via the provider Payplace, the payment will be handled via the company BS PAYONE GmbH, Lyoner Straße 9, 60528 Frankfurt/Main, Germany (www.bspayone.com), the provider of the payment service Payplace.

To the extent necessary, we will forward your personal data that are required for processing payments to the provider for the purpose of handling the payment.

Detailed information on the use of personal data at BS PAYONE GmbH is available in the company's privacy policy: https://www.payone.com/en/privacy/

Registration on/Login to crossMarket.net

On our website http://www.crossmarket.net/, we enable users to register for crossMarket and log in to a protected area with personal data. For this purpose, the data are entered in an input screen, transmitted to us, and stored by us. The data are not forwarded to any third parties.

The data queried in the registration process depend on the type of customer account that you opt for. The data types are indicated in the respective registration dialog. The queried data are mandatory data that we need for your identification, for the performance of the registration, for the creation of a customer account for you, and thus for the services we perform via crossMarket.

At the time of the registration, the following data are stored additionally:

  • IP address of the user
  • Date and time of the registration

In the course of the registration process, the user's consent is obtained for the processing of these data.

Purposes of the data processing:

The registration of the user enables the creation of a payable customer account on our marketplace crossMarket and thus the conclusion of a service agreement with us. The registration as well as the collection and processing of the queried data are necessary for the performance of this contract.

Legal basis for processing the data

The legal basis for processing the data is point (b) of Art. 6 (1) GDPR, i.e. the performance of a contract between us and the user.

Duration of the storage:

The data will be erased as soon as they are no longer needed for the purpose of their collection.

This is the case when the data are no longer required for the performance of the contract. Even after the termination of the contract, it may be necessary to store personal data of the contracting partner in order to comply with contractual or statutory obligations, or a legitimate interest may exist pursuant to point (b) of Art. 6 (1) GDPR, e.g. if claims can still be asserted under the contract and/or if, for certain reasons, the user is to be prevented from registering again (blacklisting). Apart from this, please refer to the information above under "Data Erasure and Storage Duration".

Objection and removal:

You can cancel the registration whenever you wish. You can arrange for this by way of your user account on our website or by sending us a message indicating your request.

Early erasure of the data is possible only if no contractual or statutory obligations make this impossible.

Moreover, you may at any time request the stored data concerning you to be modified.

Contact Forms and E-Mail Contact

Our website features contact forms that can be used for contacting us electronically. If you make use of this option, the data entered in the input screen will be transmitted to us and stored by us.

The data types are indicated in the respective contact form. The forms also show which data are mandatory and which ones you can optionally send us additionally.

When the message is transmitted, the following data are stored additionally:

  • IP address of the user
  • Date and time of the transmission

In the course of the transmission process, your consent will be obtained for processing the data, and attention will be drawn to our legitimate interest in the data processing. You will be informed once again about the data processing and be referred to this Privacy Policy.

Alternatively, contact may be established via the provided e-mail address. In this case, the user's personal data that are transmitted in the e-mail will be stored.

In this context, the data will not be forwarded to any third parties. The data will only be used for the purpose of processing the conversation.

Purposes of the data processing:

The processing of the personal data from the input screen exclusively serves our processing of the contact and your inquiry. In the event of a contact, this also represents the legitimate interest in processing the data.

The other personal data processed during the transmission process serve the prevention of abuse of the contact form and the security of our IT systems.

Legal basis for processing the data:

If consent has been given, point (a) of Art. 6 (1) GDPR is the legal basis for processing the data. Otherwise, our legitimate interest in processing the data pursuant to point (f) of Art. 6 (1) GDPR is the legal basis for the processing.

If the contact or your request aims at the conclusion of a contract, point (b) of Art. 6 (1) GDPR is an additional legal basis for the processing (steps prior to entering into a contract).

Duration of the storage:

The data will be erased as soon as they are no longer needed for the purpose of their collection.

For the personal data from the input screen of the contact form and those transmitted by e-mail, this is the case when the respective conversation with you is finished. The conversation will be deemed finished as soon as the circumstances imply that the respective matter has been conclusively clarified.

The personal data collected additionally during the transmission process will be erased after no more than seven days.

Objection and removal:

You may withdraw any previously granted consent to the processing of personal data or object to the further data processing due to legitimate interests (see "Note concerning Special Right to Object"). In such a case, the conversation cannot be continued.

The withdrawal of consent or the objection to the further processing of the data can be declared by sending us an informal notice (e.g. by e-mail).

In this case, all personal data stored in connection with the contact will be erased.

Where data are processed prior to entering into a contract, it is sufficient for you to expressly tell us that you do not (no longer) intend to enter into a contract.

Use of Cookies

When individual pages are accessed, we set so-called "cookies". These are little text files that are stored on the user's device (PC, smartphone, tablet). When a user accesses a website, a cookie may be saved to the user's operating system. This cookie contains a specific character sequence that enables unique identification of the browser when the website is accessed

We use cookies in order to make our website more user-friendly. Some elements of our website require the identification of the accessing browser even after going to a different page. In this context, the following data are stored in cookies and transmitted:

  • Selection of the language version
  • Selection of the time zone to display time information
  • Login information (to crossmarket.net)
  • User session cookie to map the server sessions to the respective user in order to enable the processing of scripts of (POST) requests (e.g. in the case of all forms, such as contact forms and the newsletter form)

Additionally, third-party providers use cookies that enable the analysis of the users' surfing behavior. These are:

  • Google Analytics
  • Google Maps

The details are explained in more detail in the sections concerning the respective third-party providers below.

When accessing our website, the user is informed about the use of cookies for analysis purposes, and his consent is obtained for the processing of the personal data used in this connection. In this context, reference is also made to this Privacy Policy.

Purpose of the data processing:

The purpose of the use of technically necessary cookies is to facilitate the use of websites for the user. Some of the functions of our website cannot be offered without the use of cookies. For this, it is necessary for the browser to be recognized even after switching pages. The user data collected by technically necessary cookies are not used for the purpose of creating user profiles.

The use of the analysis tools and/or of the analysis cookies serves the purpose of improving the quality of our website and its content. By means of the analysis cookies, we learn how the website is used and can thus continually optimize our offering.

Legal basis for processing the data:

The legal basis for processing personal data using cookies is point (f) of Art. 6 (1) GDPR, i.e. a legitimate interest on our part. Our legitimate interest lies in the purposes specified above.
Where the user has given his consent, the legal basis for processing personal data using cookies for analysis purposes is point (a) of Art. 6 (1) GDPR.

Duration of the storage:

Some of the cookies we use are deleted from your hard disk after the end of the browser session (so-called "session cookies"). Other cookies remain on your device and enable us or other service providers (third-party providers) to recognize your browser the next time you visit the website (persistent cookies).

Apart from this, we will store the data collected on the basis of a legitimate interest until the legitimate interest no longer exists, the balancing of interest comes to a different conclusion, or you effectively object pursuant to Art. 21 GDPR (see highlighted "Note concerning Special Right to Object" under C.). It is regularly checked (at least once a year) whether the legitimate interest still applies. In particular, our interest no longer exists if the data, due to the passing of time, are no longer sufficiently relevant for us with respect to an analysis and statistics of the website usage, which can be assumed after no more than three years.

Objection and removal:

Cookies are stored on your computer, from where they are transmitted to us. Thus, you have full control over the use of cookies. You can deactivate or limit the transmission of cookies by changing the settings of your web browser. Previously stored cookies can be deleted whenever you wish. This can even take place automatically. We will construe such a "do not track" setting of your browser as an objection to the further collection and use of your personal data. Note: If cookies are deactivated for our website, it might no longer be possible to fully use all functions of the website.

Use of the Analysis Tool Google Analytics

This website uses Google Analytics, a web analysis service of the company Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses cookies – text files that are stored on your computer and that enable the analysis of your use of the website.

Please note that on this website, the "anonymizeIp" code has been added to Google Analytics in order to ensure anonymized logging of IP addresses (so-called "IP masking"). As IP anonymization has been activated on this website, Google will first abbreviate your IP address in Member States of the European Union or other Contracting States to the Agreement on the European Economic Area. The full IP address will only be transmitted to and abbreviated on a Google server in the USA in exceptional cases. By order of the operator of this website, Google will use this information to analyze your use of the website, to compile reports on the website activities, and to render other services related to the use of the website and of the Internet in general for the website operator. The IP addresses sent by your browser within the scope of Google Analytics will not be consolidated with other data of Google.

Detailed information on the terms of use and privacy is available at http://www.google.com/analytics/terms/gb.html or https://policies.google.com/?hl=en.

Purpose of the data processing:

The use of the analysis tools and/or of the analysis cookies serves the purpose of improving the quality of our website and its content. In this way, we learn how the website is used and can thus continually optimize our offering. The information about your use of this website, which is generated by the cookie, is usually sent to a Google server in the USA and stored there.

Legal basis for processing the data:

The legal basis for processing personal data using cookies is point (f) of Art. 6 (1) GDPR, i.e. a legitimate interest on our part. Our legitimate interest lies in the purposes specified above. As Google Inc. has joined the EU-US Privacy Shield, the transmission of data to the USA is permissible.

Duration of the storage:

Cookies are stored on the user's computer, from where they are transmitted to us. Thus, you as the user have full control over the use of cookies. You can deactivate or limit the transmission of cookies by changing the settings of your web browser. Previously stored cookies can be deleted whenever you wish. This can even take place automatically. If cookies are deactivated for our website, it might no longer be possible to fully use all functions of the website.

Apart from this, we will store the data collected on the basis of a legitimate interest until the legitimate interest no longer exists, the balancing of interest comes to a different conclusion, or you effectively object pursuant to Art. 21 GDPR (see highlighted "Note concerning Special Right to Object" under C.). It is regularly checked (at least once a year) whether the legitimate interest still applies. In particular, our interest no longer exists if the data, due to the passing of time, are no longer sufficiently relevant for us with respect to an analysis and statistics of the website usage, which can be assumed after no more than three years.

Objection and removal:

You can prevent the storage of cookies by configuring your browser software accordingly; in this case, however, you might not be able to use all functions of this website. Moreover, you can prevent the collection of data concerning your use of the website (including your IP address), which are generated by the cookie, and the processing of these data by Google by downloading and installing the browser plugin that is available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

You can prevent the collection of data by Google Analytics by clicking the following link. An opt-out cookie will be set to prevent the future collection of your data when visiting this website:
Deactivate Google Analytics

Use of Google Maps

This website uses Google Maps, a map service of the company Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"), for the presentation of an interactive map. Through the use of Google Maps, information about your use of this website (including your IP address) may be sent to a Google server in the USA and stored there.
Google will transmit the information gained through Maps to third parties if this is required by law or to the extent that third parties process these data on behalf of Google. Google never associates your IP address with other data of Google. Nevertheless, it would be technically possible for Google to identify at least some users on the basis of the data received. It would be possible for Google to process personal data and personality profiles of website users for other purposes beyond our control.

Purpose of the data processing:

Google Maps is used for the purpose of improving the quality of our website and its content and to provide you with a simple, useful, and well-known map service for orientation, for the display of our company facilities, for planning your trip, etc.

Legal basis for processing the data:

The legal basis for processing personal data using Google Maps is point (f) of Art. 6 (1) GDPR, i.e. a legitimate interest on our part. Our legitimate interest lies in the purposes specified above. As Google Inc. has joined the EU-US Privacy Shield, the transmission of data to the USA is permissible.

Duration of the storage:

By configuring your browser settings, you as the user can decide whether or not to permit the execution of the JavaScript code required for the tool. You can deactivate or limit the execution of JavaScript by changing the settings of your web browser. Note: If the execution of JavaScript is deactivated, it might no longer be possible to fully use all functions of the website.

Objection and removal:

You can easily deactivate the Google Maps service and prevent the transfer of data to Google. To do so, deactivate JavaScript in your browser.
To prevent the execution of JavaScript code entirely, you can also install a JavaScript blocker, e.g. the browser plugin NoScript (e.g. www.noscript.net or www.ghostery.com).

Note: If the execution of JavaScript is deactivated, it might no longer be possible to fully use all functions of the website.

The privacy policy and terms of use of Google products and especially of Google Maps are available at https://policies.google.com/technologies/product-privacy?hl=en.

Use of the Facebook "Like" Plugin

Our website also contains so-called "social plugins" – little software programs of the social network Facebook. These are operated exclusively by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). On our website, you can recognize these plugins from the Facebook logo or the word "Like".

When you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers in the USA. In this way, the content of the plugin is sent to your browser, which integrates it in the website.

In this way, the information that you have visited our website is forwarded to Facebook. If you are logged in to your personal user account with Facebook while visiting our website, Facebook can map the visit to the website to this account. If you interact with plugins, e.g. by clicking the so-called "Like" button or by entering a comment, this information will be sent directly to Facebook and stored there.

To prevent such data transmission, you need to log out from your Facebook account before you visit our website. In this case, certain data such as your IP address, the time of the click, the browser you use, etc. will still be transmitted to Facebook. The logout merely prevents the mapping of the data to a particular Facebook account.

Purpose of the data processing:

The use of the Facebook plugin takes place for the purpose of enabling direct feedback ("Like") and direct sharing of our submissions and information ("Share") and thus serves our advertising and marketing interests.

For details on the purpose and scope of the data collection, further processing, and use of the data by Facebook as well as your rights and configuration options in your Facebook account to protect your privacy, please refer directly to the privacy information of Facebook (https://www.facebook.com/privacy/explanation).

Legal basis for processing the data:

The legal basis for processing personal data using cookies is point (f) of Art. 6 (1) GDPR, i.e. a legitimate interest on our part. Our legitimate interest lies in the purposes specified above.

Duration of the storage:

By configuring your browser settings, you as the user can decide whether or not to permit the execution of the JavaScript code required for the tool. You can deactivate or limit the execution of JavaScript by changing the settings of your web browser. Note: If the execution of JavaScript is deactivated, it might no longer be possible to fully use all functions of the website.

Objection and removal:

If you do not wish Facebook to be able to map the visit to our website to your Facebook account, please log out from your Facebook user account and block the execution of script contents of Facebook in your browser, e.g. using the script blockers of www.noscript.net or www.ghostery.com.

Use of the Twitter "Tweet" Button

Our website uses the "Tweet" button of the social network Twitter, which is operated by Twitter Inc., 750 Folsom Street, Suite 600, San Francisco, CA 94107, USA ("Twitter"). The "Tweet" button can be recognized from the dark blue bird icon.

When you access one of the web pages of our website that contains such a button, your browser establishes a direct connection to the Google servers. The content of the "Tweet" button is transmitted directly from Twitter to your browser, which integrates it in your Twitter message. Therefore, the scope of data that Twitter collects with the button is beyond our control. As far as we know, only the user's IP address and the URL of the respective web page are transmitted when obtaining the button, but only for the purpose of displaying the button. Interactions such as clicking a "Retweet" button are also forwarded to Twitter.

Purpose of the data processing:

The use of the Twitter plugin takes place for the purpose of enabling direct feedback and direct sharing of our submissions and information via Twitter ("Tweet") and thus serves our advertising and marketing interests.

For details concerning the purpose and scope of the data collection and the further processing and use of the data by Google+ as well as your rights and configuration options to protect your privacy, please refer to the privacy policy of Google: http://twitter.com/privacy

Legal basis for processing the data:

The legal basis for processing personal data using cookies is point (f) of Art. 6 (1) GDPR, i.e. a legitimate interest on our part. Our legitimate interest lies in the purposes specified above.

Duration of the storage:

By configuring your browser settings, you as the user can decide whether or not to permit the execution of the JavaScript code required for the tool. You can deactivate or limit the execution of JavaScript and thus prevent the storage by changing the settings of your web browser. Note: If the execution of JavaScript is deactivated, it might no longer be possible to fully use all functions of the website.

Objection and removal:

If you are a member of Twitter and do not want Twitter to collect data about you via our website and link them to your member data that are stored at Twitter, log out from Twitter before visiting our website.
You can prevent the execution of the JavaScript code required for the tool by configuring your browser software accordingly.
To prevent the execution of JavaScript code entirely, you can also install a JavaScript blocker, e.g. the browser plugin NoScript (e.g. www.noscript.net or www.ghostery.com).

You can also modify your Twitter privacy settings in the account settings at http://twitter.com/account/settings.

Use of the Google+ "+1" Button

Our website uses the "+1" button of the social network Google Plus, which is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). The button can be recognized from the "+1" symbol on white or color background.

When you access one of our web pages that contains such a button, your browser establishes a direct connection to the Google servers. The content of the "+1" button is transmitted directly from Google to your browser, which integrates it in the web page. Therefore, the scope of data that Google collects with the button is beyond our control. According to Google, no personal data are collected unless the button is clicked. Such data (e.g. the IP address) are only collected and processed for members who are logged in.

Purpose of the data processing:

The use of the Google+ plugin takes place for the purpose of enabling direct feedback and direct sharing of our submissions and information via Google+ and thus serves our advertising and marketing interests.

For details concerning the purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights and configuration options to protect your privacy, please refer to the privacy policy of Google concerning the "+1" button: https://developers.google.com/+/web/buttons-policy

Legal basis for processing the data:

The legal basis for processing personal data using cookies is point (f) of Art. 6 (1) GDPR, i.e. a legitimate interest on our part. Our legitimate interest lies in the purposes specified above.

Duration of the storage:

By configuring your browser settings, you as the user can decide whether or not to permit the execution of the JavaScript code required for the tool. You can deactivate or limit the execution of JavaScript and thus prevent the storage by changing the settings of your web browser. Note: If the execution of JavaScript is deactivated, it might no longer be possible to fully use all functions of the website.

Objection and removal:

If you are a member of Google Plus and do not want Google to collect data about you via our website and link them to your member data that are stored at Google, log out from Google Plus before visiting our website.

You can prevent the execution of the JavaScript code required for the tool by configuring your browser software accordingly.
To prevent the execution of JavaScript code entirely, you can also install a JavaScript blocker, e.g. the browser plugin NoScript (e.g. www.noscript.net or www.ghostery.com).

Use of the XING "Share" Button

This website uses the "Share" button of the professional network XING, which is operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

When you access this website, your browser briefly establishes a connection to servers of XING SE ("XING"), with the help of which the XING "Share" button functions (especially the calculation/display of the counter) are provided. XING does not store any personal data about you with respect to the access to this website. In particular, XING does not store any IP addresses. Moreover, your usage behavior is not analyzed by means of cookies in connection with the XING "Share" button.

You can access the latest data protection information on the XING "Share" button and other information at https://www.xing.com/app/share?op=data_protection.

Purpose of the data processing:

The use of the XING plugin takes place for the purpose of enabling direct feedback and direct sharing of our submissions and information via the XING network and thus serves our advertising and marketing interests.

For details concerning the purpose and scope of the data collection and the further processing and use of the data by XING as well as your rights and configuration options to protect your privacy, please refer to the privacy policy of XING: https://www.xing.com/app/share?op=data_protection

Legal basis for processing the data:

The legal basis for processing personal data using cookies is point (f) of Art. 6 (1) GDPR, i.e. a legitimate interest on our part. Our legitimate interest lies in the purposes specified above.

Duration of the storage:

By configuring your browser settings, you as the user can decide whether or not to permit the execution of the JavaScript code required for the tool. You can deactivate or limit the execution of JavaScript and thus prevent the storage by changing the settings of your web browser. Note: If the execution of JavaScript is deactivated, it might no longer be possible to fully use all functions of the website.

Objection and removal:

If you are a member of XING and do not want XING to collect data about you via our website and link them to your member data that are stored at XING, log out from XING before visiting our website.

You can prevent the execution of the JavaScript code required for the tool by configuring your browser software accordingly.
To prevent the execution of JavaScript code entirely, you can also install a JavaScript blocker, e.g. the browser plugin NoScript (e.g. www.noscript.net or www.ghostery.com).

Use of the LinkedIn "Share" Button

Our pages contain plugins of the social network LinkedIn of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA ("LinkedIn"). You can recognize the LinkedIn plugins from the LinkedIn logo or the "Recommend" button on our website. When you visit a website that contains such a button, a direct connection is established between your browser and the LinkedIn server via the plugin, provided that you activated the data transfer by means of click. In this way, LinkedIn receives the information that you have visited our website from your IP address.
If you click the LinkedIn "Recommend" button while you are logged in to your LinkedIn account, you can link the contents of your pages to your LinkedIn profile. In this way, LinkedIn can map the visit to our pages to your user account. Please note that as a site provider, we are not informed about the content of the transmitted data and their use by LinkedIn.

Purpose of the data processing: The use of the LinkedIn plugin takes place for the purpose of enabling direct feedback and direct sharing of our submissions and information via the LinkedIn network and thus serves our advertising and marketing interests.

For details on the data collection (purpose, scope, further processing, use) as well as your rights and configuration options, please refer to the privacy policy of LinkedIn. You can access this information at https://www.linkedin.com/legal/privacy-policy.

Legal basis for processing the data:

The legal basis for processing personal data using cookies is point (f) of Art. 6 (1) GDPR, i.e. a legitimate interest on our part. Our legitimate interest lies in the purposes specified above.

Duration of the storage:

By configuring your browser settings, you as the user can decide whether or not to permit the execution of the JavaScript code required for the tool. You can deactivate or limit the execution of JavaScript and thus prevent the storage by changing the settings of your web browser. Note: If the execution of JavaScript is deactivated, it might no longer be possible to fully use all functions of the website.

Objection and removal:

If you are a member of LinkedIn and do not want LinkedIn to collect data about you via our website and link them to your member data that are stored at LinkedIn, log out from LinkedIn before visiting our website.

You can prevent the execution of the JavaScript code required for the tool by configuring your browser software accordingly.
To prevent the execution of JavaScript code entirely, you can also install a JavaScript blocker, e.g. the browser plugin NoScript (e.g. www.noscript.net or www.ghostery.com).

Use of YouTube Videos on the Website

Our website loads JavaScript code of the company YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA (hereinafter referred to as "YouTube"). YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA. YouTube is an Internet video portal that enables the free upload of video clips and allows users to view, rate, and comment them. We use YouTube for the purpose of embedding videos in our website. If you have activated JavaScript in your browser and have not installed any JavaScript blocker, you browser might send personal data to YouTube.

Every time a page with an embedded YouTube video is accessed, the user's web browser automatically downloads the respective video from YouTube and plays it.

By means of this procedure, YouTube and Google learn which particular subpage of our website the user visits. If the user is logged in to YouTube at the same time, YouTube will, upon access to a subpage containing a YouTube video, see which particular subpage of our website the user visits. This information is collected by YouTube and Google and mapped to the respective user's YouTube account.

YouTube and Google are informed that the respective user has visited our website whenever the user is logged in to YouTube while accessing our website; this applies regardless of whether or not the respective person clicks a YouTube video. To prevent this information from being transmitted to YouTube and Google, log out from your YouTube account before accessing our website.

The privacy policy of YouTube provides information on the collection, processing, and use of personal data by YouTube and Google and is available here: https://policies.google.com/privacy?hl=en&gl=de

Purpose of the data processing:

The embedding of YouTube videos takes place for the purpose of presenting multimedia content to the user on the website, thereby upgrading and improving the user experience on the website. As this makes our website more attractive, the use of YouTube also serves our marketing and advertising purposes.

Legal basis for processing the data:

The legal basis for processing personal data using cookies is point (f) of Art. 6 (1) GDPR, i.e. a legitimate interest on our part. Our legitimate interest lies in the purposes specified above.

Duration of the storage:

By configuring your browser settings, you as the user can decide whether or not to permit the execution of the JavaScript code required for the tool. You can deactivate or limit the execution of JavaScript by changing the settings of your web browser. Note: If the execution of JavaScript is deactivated, it might no longer be possible to fully use all functions of the website.

Objection and removal:

You can prevent the execution of the JavaScript code required for the tool configuring your browser software accordingly; in this case, however, you might not be able to use all functions of this website.
To prevent the execution of JavaScript code entirely, you can also install a JavaScript blocker, e.g. the browser plugin NoScript (e.g. www.noscript.net or www.ghostery.com).

Note: If the execution of JavaScript is deactivated, it might no longer be possible to fully use all functions of the website.

Encryption of the website

The website uses SSL encryption with a certificate of the Let's Encrypt Authority X3. Encryption type: SHA-256 with RSA encryption

Transmission of Personal Data to Non-EU Countries

It is intended to transmit personal data to the United States of America (USA). The EU Commission has issued an adequacy decision indicating that personal data may be transmitted to the USA if the recipient has joined the EU-US Privacy Shield. Therefore, personal data are only sent to recipients in the USA who have demonstrably joined the EU-US Privacy Shield.

The intention specially pertains to the transmission of data to the following companies:

  • Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"): Provider of the web analysis tool Google Analytics, the social network Google+, and the map service Google Maps
  • YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA: Provider of an Internet video portal whose videos are embedded in our website YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA.
  • Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA: Provider of the social network Facebook and of the analysis tools Facebook Pixel, Custom Audiences, and Facebook Conversion Tracking
  • Twitter Inc., 750 Folsom Street, Suite 600, San Francisco, CA 94107, USA: Provider of the microblogging service Twitter
  • LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA: Provider of the professional network LinkedIn

The said companies have joined the EU-US Privacy Shield and have subjected to regulations comparable to the EU data protection level. As a matter of principle, the transmission of data to these companies is therefore permissible. Moreover, where such companies process data on our behalf, outsourced processing agreements have been concluded with these companies to protect the data and our rights to give instructions.

C. Rights of Data Subjects

Where personal data relating to you are processed, you are the "data subject", and as such have the following rights vis-à-vis us as the controller:

Right of Access

You have the right to obtain from us confirmation, free of charge, as to whether or not personal data concerning you are being processed by us. Where that is the case, you have a right of access to the personal data and further information pursuant to Art. 15 GDPR. For this purpose, you can contact us by mail or e-mail.

Right to Rectification

You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement. For this purpose, you can contact us by mail or e-mail.

Right to Erasure

You have the right to obtain the erasure of personal data concerning you without undue delay where one of the grounds specified in Art. 17 GDPR applies. For this purpose, you can contact us by mail or e-mail.

Right to Restriction of Processing

You have the right to obtain from us restriction of processing where one of the grounds specified in Art. 18 GDPR applies. For this purpose, you can contact us by mail or e-mail.

Right to Notification

If you have asserted the right to rectification, erasure, or restriction of processing vis-à-vis us, we shall communicate this rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

You have a right vis-à-vis us to be notified about these recipients.

Right to Data Portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance by us where the grounds specified in Art. 20 GDPR apply. For this purpose, you can contact us by mail or e-mail.

Right to Object in the Case of Processing due to Legitimate Interests

Where we, by way of exception, process personal data on the basis of point (f) of Art. 6 (1) GDPR (i.e. for the purposes of legitimate interests), you have the right to object to our processing of personal data concerning you at any time for reasons relating to your particular situation. If we cannot demonstrate any compelling legitimate grounds for the further processing that override your interests, rights, and freedoms or if we process the respective data for direct marketing purposes, we will no longer process your data (see Art. 21 GDPR). For this purpose, you can contact us by mail or e-mail.

An objection in this meaning may also be a technical procedure that you use, e.g. clear technical information that your web browser sends us ("do not track" notification).

Right to Object if Consent Has Been Granted

You may revoke any previously granted consent to the collection and use of personal data at any time with effect for the future. For this purpose, you can contact us by mail or e-mail. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Automated Decision-Making including Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless the decision is necessary for entering into, or performance of, a contract between you and us, is authorized by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or is based on your explicit consent.

We do not engage in such automated decision-making.

Freedom of Provision of Data

If the provision of personal data is required by law or contract, we will always indicate this when collecting the data. Some of the data collected by us are required for the conclusion of a contract, namely if we could otherwise not or not sufficiently fulfill our contractual obligation toward you. You are under no obligation to provide personal data. However, in the event of non-provision, we might be unable to perform or offer a service, action, measure, etc. requested by you or conclude a contract with you.

Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other rights, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes data protection law.

Responsible for us: Baden-Württemberg State Commissioner for Data Protection and Freedom of Information, Königstraße 10A, 70173 Stuttgart, Germany; website: www.baden-wuerttemberg.datenschutz.de

Questions

Do you have any questions concerning this Privacy Policy, the processing methods described herein, or your rights as a data subject?

Contact details of our data protection officer:

Mr. Aymen Arfaoui
Across Systems GmbH
Im Stoeckmaedle 13
76307 Karlsbad
Germany

Telephone: +49 (0) 7248 9254 27
E-mail: datenschutz@across.net

Version of our Privacy Policy: 2018-05-25