Privacy Policy

Note: The German version of this privacy policy is legally binding. This English translation is provided for convenience.

1. Controller

The controller responsible for processing personal data on this website is:

2. General information and legal bases

We process our users' personal data only to the extent necessary to provide a functional website and our content and services. Processing generally takes place only with the user's consent or where permitted by a legal basis.

The legal bases are in particular Art. 6 (1) (a) GDPR (consent), (b) (contract and pre-contractual measures), (c) (legal obligation) and (f) (legitimate interest), as well as § 25 TDDDG for storing and accessing information on end devices.

3. Hosting

This website is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. The host processes the data collected via the website on our behalf, in particular technical connection data and content required to provide and securely operate the website. The legal basis is Art. 6 (1) (f) GDPR (secure and efficient provision of our online offer). A data processing agreement pursuant to Art. 28 GDPR is in place with the host.

4. SSL/TLS encryption

For security reasons and to protect the transmission of confidential content, this website uses SSL/TLS encryption. You can recognize an encrypted connection by "https://" in your browser's address bar.

5. Server log files

Each time the website is accessed, the system automatically records information from the accessing device in server log files: browser type and version, operating system, referrer URL, hostname of the accessing computer, date and time of the request, and the IP address. Processing is based on Art. 6 (1) (f) GDPR for stable and secure operation. Log files are stored for a maximum of 30 days and then deleted, unless required to investigate security incidents.

6. Cookies and local storage

Our website uses technically necessary storage mechanisms and – with your consent – cookies and comparable technologies. We store your cookie decision in your browser's local storage (localStorage, key "sd_consent"); this information remains on your device. Consent-based cookies and services are only loaded after you have consented via our cookie banner. You can withdraw your consent at any time with effect for the future via "Cookie settings" in the footer. Details can be found in our cookie policy.

7. Contact form and email

If you contact us via the contact form or by email, we process the data you provide (e.g. name, organization, email address, phone number and details of your request) to handle your enquiry and any follow-up questions. The legal basis is Art. 6 (1) (b) GDPR where the request relates to a contract, otherwise Art. 6 (1) (f) GDPR or your consent under Art. 6 (1) (a) GDPR. The data is deleted once it is no longer required and no statutory retention obligations apply.

8. Services of Google Ireland Limited

On this website we use various services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). When using these services, personal data – in particular your IP address – may be transmitted to and processed on Google servers, including in the USA. For data transfers to the USA, Google is certified under the EU-US Data Privacy Framework; standard contractual clauses pursuant to Art. 46 GDPR additionally apply. Where services require consent, they are used on the basis of Art. 6 (1) (a) GDPR and § 25 (1) TDDDG; you can withdraw consent at any time. More information at policies.google.com/privacy.

8.1 Google Fonts

To display fonts consistently we use Google Fonts. When a page loads, your browser loads the required fonts from Google servers, transmitting your IP address to Google. The legal basis is our legitimate interest in a consistent, appealing presentation of our online offer (Art. 6 (1) (f) GDPR).

8.2 Google Tag Manager

We use Google Tag Manager to centrally manage website tags. The Tag Manager itself does not create user profiles and does not store cookies; it serves to integrate and control other services. Where consent-based services are triggered via the Tag Manager, this only happens after your consent.

8.3 Google Analytics

We use Google Analytics for statistical analysis of website usage. Google Analytics uses cookies and similar technologies; the information generated is transmitted to Google. The IP address is truncated (IP anonymization). This is used exclusively on the basis of your consent (Art. 6 (1) (a) GDPR, § 25 (1) TDDDG). You can withdraw your consent at any time via the cookie settings.

8.4 Google Maps

We may embed Google Maps to display map material. When used, your IP address is transmitted to Google. The integration only takes place after your consent (Art. 6 (1) (a) GDPR, § 25 (1) TDDDG).

8.5 Google reCAPTCHA

To protect our forms against automated and abusive input, we use Google reCAPTCHA. reCAPTCHA evaluates various characteristics of user behavior; data is transmitted to Google. The legal basis is our legitimate interest in preventing spam and abuse (Art. 6 (1) (f) GDPR) or your consent (Art. 6 (1) (a) GDPR, § 25 (1) TDDDG).

9. Rights of data subjects

Within the framework of the law you have the following rights: access (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), data portability (Art. 20 GDPR) and objection to processing (Art. 21 GDPR). You can withdraw any consent given at any time with effect for the future.

Where we process your data on the basis of legitimate interests, you have the right to object to this processing at any time on grounds relating to your particular situation.

10. Right to lodge a complaint

You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data, in particular in the Member State of your residence, place of work or place of the alleged infringement. The authority responsible for us is the Hessian Commissioner for Data Protection and Freedom of Information.