Privacy Statement

We are pleased that you are interested in our company and our website. The protection of your data and your privacy is very important to us. We want you to feel secure when visiting our site. For this reason, compliance with the applicable data protection provisions of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and other statutory regulations is a matter of course for us.

We want you to know which data we collect from you and how we use it. With this privacy policy, we therefore inform you where, when and how personal data is processed when you visit our website. In addition, we have taken technical, administrative and organisational measures to ensure that data protection regulations are also observed by our external service providers.

1 Controller for data processing

The controller responsible for data processing on this website is:

LTG Aktiengesellschaft
Grenzstraße 7
70435 Stuttgart
Germany

Phone: +49 0711 82 01-0

Email: info@ltg.de

2 Data protection officer

You can contact our data protection officers at:

intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
Germany

Email: DSB-LTG-AG@intersoft-consulting.de

3 General information on data processing

3.1 Legal bases of data processing on this website

If you have consented to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR and, where special categories of data within the meaning of Art. 9(1) GDPR are processed, on the basis of Art. 9(2)(a) GDPR. In the event of explicit consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or to access to information on your device (e.g. via device fingerprinting), data processing is additionally based on Section 25(1) TDDDG (German Telecommunications Digital Services Data Protection Act). You can withdraw your consent at any time.

If your data is required to perform a contract or to carry out pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR.

Furthermore, we process your data if this is necessary to fulfil a legal obligation on the basis of Art. 6(1)(c) GDPR. Data processing may also be carried out on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR. The respective legal bases applicable in each individual case are explained in the following paragraphs of this privacy policy.

3.2 Storage period

Unless a more specific storage period is specified in this privacy policy, your personal data will remain with us until the purpose of the data processing no longer applies. If you assert a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible grounds for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, deletion will take place once these grounds no longer apply.

3.3 Data transfer to third countries

We attach great importance to processing your data within the EU / EEA. However, it may happen that we use service providers that process data outside the EU / EEA. In these cases, we ensure that an adequate level of data protection comparable to the standards within the EU is established at the recipient before your personal data is transferred. This can be achieved, for example, by means of EU Standard Contractual Clauses or Binding Corporate Rules or special agreements whose provisions the company can submit to.

3.4 Data security

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

4 Hosting

The provider for hosting the content of our website is Host Europe GmbH, Hansestraße 111, 51149 Cologne, Germany (hereinafter “Host Europe”). When you visit our website, Host Europe records various log files including your IP address.

The use of Host Europe is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable presentation of our website possible.

If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and Section 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g. for device fingerprinting) within the meaning of the TDDDG. Consent can be withdrawn at any time.

For details, please refer to Host Europe’s privacy policy:

https://www.hosteurope.de/AGB/Datenschutzerklaerung/.

5 Data collection on this website

5.1 How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.

Other data is collected automatically or after your consent by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page access). This data is collected automatically as soon as you enter this website.

5.2 What do we use your data for?

Part of the data is collected to ensure the error-free provision of the website. Other data may be used to analyse your user behaviour.

5.3 Analytics tools and tools from third parties

When you visit this website, your surfing behaviour may be statistically evaluated. This is primarily done using so-called analytics programmes.

Detailed information on these analytics programmes can be found in the following sections.

5.4 Cookies

Our internet pages use so-called “cookies”. Cookies are small data packages and do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser carries out an automatic deletion.

Cookies can be set by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies can be used to analyse user behaviour or for advertising purposes.

Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping basket function) or to optimise the website (e.g. cookies for measuring web audiences) (necessary cookies) are stored on the basis of Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimised provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Art. 6(1)(a) GDPR and Section 25(1) TDDDG); consent can be withdrawn at any time.

You can set your browser to inform you about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Which cookies and services are used on this website can be found in this privacy policy.

Our website uses the consent technology of Borlabs Cookie to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document this in compliance with data protection law.

The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter “Borlabs”).

When you enter our website, a Borlabs cookie is stored in your browser in which the consents you have given or the withdrawal of these consents are stored. This data is not passed on to the provider of Borlabs Cookie.

The collected data will be stored until you request us to delete it or you delete the Borlabs cookie yourself or the purpose for data storage no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the user-friendliness of the website and in fulfilling the legal requirements of the GDPR and the TDDDG.

The installation of the cookie and its storage, and thus your cookie consent, can be prevented or terminated by the user at any time by the settings of his browser. You can open the settings for Borlabs Cookie via the following link: “Webite cookies”.

5.6 Server log files

We automatically collect and store information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources. The collection of this data is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the technically error-free presentation and optimisation of our website – for this purpose, the server log files must be recorded.

6 Contact form

When you contact us by email, telephone or via a contact form, we store the data you provide (your email address and your name) in order to answer your questions. Insofar as we request entries via our contact form that are not required for contacting you, these are always marked as optional. This information helps us to specify your enquiry and to process your request more effectively. Providing this information is expressly voluntary and with your consent, Art. 6(1)(a) GDPR. Insofar as this information concerns communication channels (for example email address, telephone number), you also consent to us contacting you via this communication channel, if necessary, in order to respond to your request. You may of course withdraw this consent at any time with effect for the future.

We delete the data arising in this context once storage is no longer required, or restrict processing if there are statutory retention obligations.

7 Newsletter

If you would like to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. No further data is collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6(1)(a) GDPR). You can withdraw your consent to the storage of the data, the email address and its use for the purpose of sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The lawfulness of the data processing operations already carried out remains unaffected by the withdrawal.

The data you provide to us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter with us and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter or once the purpose ceases to apply. We reserve the right, within the scope of our legitimate interest pursuant to Art. 6(1)(f) GDPR, to delete or block email addresses from our newsletter distribution list at our own discretion. Data stored by us for other purposes remains unaffected. After you have unsubscribed from the newsletter distribution list, your email address may be stored in a blacklist by us or the newsletter service provider if this is necessary to prevent future mailings. The data in the blacklist is used exclusively for this purpose and is not merged with other data. This serves both your interest and our interest in compliance with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). Storage in the blacklist is not time-limited. You can object to the storage if your interests outweigh our legitimate interest.

8 Applications

8.1 Handling applicant data

We offer you the opportunity to apply to us (e.g. by email, by post or via an online application form). In the following, we inform you about the scope, purpose and use of your personal data collected during the application process. We assure you that the collection, processing and use of your data is carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated as strictly confidential.

8.1.1 Scope and purpose of data collection

If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is Section 26 BDSG under German law (initiation of an employment relationship), Art. 6(1)(b) GDPR (general initiation of contracts) and – if you have given your consent – Art. 6(1)(a) GDPR. Consent may be withdrawn at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If the application is successful, the data you have submitted will be stored in our data processing systems on the basis of Section 26 BDSG and Art. 6(1)(b) GDPR for the purpose of implementing the employment relationship.

8.1.2 Duration of data retention

If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have transmitted to us on the basis of our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months after the end of the application process (rejection or withdrawal of the application). The data will then be deleted and any physical application documents destroyed. Retention serves in particular as evidence in the event of a legal dispute. If it becomes apparent that the data will be required after the expiry of the 6‑month period (e.g. due to an imminent or pending legal dispute), deletion will only take place when the purpose for continued retention no longer applies.

Longer retention may also take place if you have given the corresponding consent (Art. 6(1)(a) GDPR) or if statutory retention obligations prevent deletion.

8.2 Inclusion in the applicant pool

If we are unable to make you a job offer, we may offer you the option of including you in our applicant pool. In the event that you are included, all documents and information from the application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.

Inclusion in the applicant pool is based exclusively on your express consent (Art. 6(1)(a) GDPR). Giving consent is voluntary and is not related to the ongoing application process. The data subject may withdraw their consent at any time. In this case, the data from the applicant pool will be irreversibly deleted, provided there are no legal retention reasons.

The data from the applicant pool will be irreversibly deleted no later than two years after consent has been given.

9 Analytics tools and advertising

9.1 Google Tag Manager

For reasons of transparency, we would like to point out that we use Google Tag Manager. This is a tag management system for managing JavaScript and HTML tags that are used to implement tracking and analytics tools. It is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The controller in the EU/EEA is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Google Tag Manager itself does not collect any personal data. The Tag Manager merely facilitates the integration and administration of our tags. Tags are small code elements that, among other things, serve to measure traffic and visitor behaviour, understand the impact of online advertising and social channels, set up remarketing and audience targeting, and test and optimise websites. If you have deactivated tracking, this deactivation will be taken into account by the Google Tag Manager.

Recipients of the data are:

Google Ireland Limited, EU
Google LLC, USA
Alphabet Inc., USA

If data is processed outside the EU/EEA, Google LLC is certified under the Data Privacy Framework (DPF) programme and is listed in the Data Privacy Framework List of the International Trade Administration (ITA). This means that Google has publicly committed to complying with the DPF obligations and that any data transfer to the USA is unproblematic on the basis of the current adequacy decision of the European Commission dated 10 July 2023.

A list of currently certified US companies can be found here: https://www.dataprivacyframework.gov/list. More information about the Data Privacy Framework programme can be found on the ITA’s official website: https://www.dataprivacyframework.gov/.

Google also provides EU Standard Contractual Clauses and thus offers an additional guarantee of compliance with European data protection law. The existing EU Standard Contractual Clauses do not lose their validity after the adequacy decision comes into force.

The legal basis for this data processing is your consent. You have the option of revoking consent given once with effect for the future by changing your settings HERE. The lawfulness of the data processing up to the time of withdrawal remains unaffected.

For more information on Google Tag Manager, please visit:

https://www.google.com/intl/de/tagmanager/use-policy.html.

9.2 Google Analytics

This website uses functions of the Google Analytics web analytics service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour of website visitors. The website operator receives various usage data for this purpose, such as page views, length of visit, operating systems used and the user’s origin. This data may be compiled by Google into a profile that is assigned to the respective user or their device.

We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Furthermore, Google Analytics uses various modelling approaches to supplement the collected data sets and employs machine learning technologies in data analysis.

Google Analytics uses technologies that enable recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Consent can be withdrawn at any time.

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available under the following link:

https://tools.google.com/dlpage/gaoptout?hl=en-GB.

Further information on the handling of user data at Google Analytics can be found in Google’s privacy policy:

https://support.google.com/analytics/answer/6004245?hl=en&sjid=3479364771547271121-EU.

We have concluded a data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

9.3 Google Ads

We use the Google Ads service. Google Ads is an online advertising programme provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

This means that we place Google Ads and use Google Remarketing and Conversion Tracking in this context. The ads are displayed according to search queries on websites in the Google advertising network. We also use Ads remarketing lists for search ads. This enables us to customise search ad campaigns for users who have already visited our website. Through these services, we have the option of combining our ads with certain search terms or displaying ads for previous visitors in which, for example, services are advertised that the visitors viewed on our website. This allows us to show users of our website interest-based advertising on other websites within the Google advertising network (as a “Google ad” in the context of Google search or on other websites).

Interest-based offers require an analysis of online user behaviour. Google uses cookies to carry out this analysis. When a user clicks on an advertisement or visits our website, Google sets a cookie on the user’s computer. These cookies are valid for 90 days. The information collected by means of the respective cookie is used to be able to address the visitor in a targeted manner during a subsequent search query. Further information on the technology used can also be found in Google’s notes on website statistics and in the privacy policy. With the help of this technology, Google and we as a customer receive information that a user has clicked on an ad and has been redirected to our website. The information obtained in this way is used exclusively for statistical analysis for ad optimisation. We do not receive any information with which visitors can be personally identified. Your IP address is transmitted to Google; since we use IP masking from Google on this website in connection with the use of Google Analytics, your IP address is anonymised. The statistics provided to us by Google include the total number of users who clicked on one of our ads and, if applicable, whether they were redirected to a page on our website that is tagged with a conversion tag. On the basis of these statistics, we can see which search terms users particularly frequently clicked on our ad for and which ads lead to a contact being made via the contact form.

You can find more information on data protection in the context of Google Ads at:

https://policies.google.com/technologies/ads?hl=en-GB.

If you do not want this processing to take place, you can prevent the storage of the cookies required for this technology, for example via your browser settings. In this case, your visit will not be included in the user statistics.

You also have the option of using the ad settings (https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de) to select the types of Google ads or deactivate interest-based ads on Google. Alternatively, you can deactivate the use of cookies by third-party providers by using the deactivation tool of the Network Advertising Initiative.

However, we and Google will still receive statistical information about how many users have visited this page and when. If you do not want to be included in these statistics either, you can prevent this by using additional programmes for your browser (e.g. the “Privacy Badger” add-on).

The legal basis for this data processing is your consent, Art. 6(1)(a) GDPR and Section 25(1) TDDDG. You can withdraw your consent at any time with effect for the future by calling up the cookie settings in our consent management platform (“Change cookie settings” at the bottom of the page) and changing your selection there.

9.4 Google Conversion Tracking

This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Conversion Tracking, Google and we can recognise whether the user has carried out certain actions. For example, we can evaluate which buttons on our website are clicked how often and which products are viewed or purchased particularly frequently. This information is used to create conversion statistics. We find out the total number of users who have clicked on our ads and what actions they have carried out. We do not receive any information that allows us to personally identify the user. Google itself uses cookies or comparable recognition technologies for identification.

The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Consent can be withdrawn at any time.

A list of currently certified US companies can be found here: https://www.dataprivacyframework.gov/list . More information about the Data Privacy Framework programme can be found on the ITA’s official website: https://www.dataprivacyframework.gov/.

More information on Google Conversion Tracking can be found in Google’s privacy policy:

https://policies.google.com/privacy?hl=en-GB.

10 Plugins and tools

10.1 Google Fonts (local hosting)

This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. We have opted for the offline variant, in which the Google Fonts are stored locally on our web server. The management of the fonts is then possible – via CSS – as with any other font family. No transmission of the IP address or other data to Google takes place.

The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offerings with a view to considerations of efficiency and cost savings. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If your browser does not support web fonts, a standard font from your computer will be used.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=en-GB.

10.2 Font Awesome (local hosting)

This site uses Font Awesome for the uniform display of fonts. Font Awesome is installed locally. There is no connection to servers of Fonticons, Inc.

Further information on Font Awesome can be found in the Font Awesome privacy policy at: https://fontawesome.com/privacy.

11 Audio and video conferences

11.1 Data processing

We use, among other things, online conferencing tools to communicate with our customers. The tools we use are listed below. If you communicate with us by video or audio conference via the internet, your personal data will be recorded and processed by us and by the provider of the respective conferencing tool.

The conferencing tools collect all the data that you provide/use to use the tools (email address and/or your telephone number). Furthermore, the conferencing tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” in connection with the communication process (metadata).

Furthermore, the provider of the tool processes all technical data that is required for the processing of online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speakers as well as the type of connection.

If content is exchanged, uploaded or otherwise made available within the tool, this is also stored on the servers of the tool providers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared during the use of the service.

Please note that we do not have full influence on the data processing operations of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider. For further information on data processing by the conference tools, please refer to the privacy policies of the tools used, which we have listed below this text.

11.2 Purpose and legal bases

The conferencing tools are used to communicate with (prospective) contractual partners or to offer certain services to our customers (Art. 6(1)(b) GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6(1)(f) GDPR). If consent has been obtained, the use of the respective tools is based on this consent; consent can be withdrawn at any time with effect for the future.

11.3 Storage period

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you request us to delete it, you withdraw your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected.

We have no influence on the storage period of your data that is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

11.4 Webex as a conferencing tool

We use Webex. The provider of this service is Webex Communications Deutschland GmbH, Hansaallee 249 c/o Cisco Systems GmbH, 40549 Düsseldorf, Germany.

It cannot be ruled out that the data processed with Webex will be transferred to third countries (e.g. the USA). Webex has Binding Corporate Rules (BCR) which have been approved by the Dutch, Polish, Spanish and other relevant European data protection supervisory authorities. These are binding internal company regulations that legitimise internal company data transfers to third countries outside the EU and the EEA. Details can be found here: https://www.cisco.com/c/en/us/about/trust-center/global-privacy-policy.html.

Details on data processing can be found in Webex’s privacy policy:

https://www.cisco.com/c/de_de/about/legal/privacy-full.html.

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law which ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

12 Our social media presences

This privacy policy applies to the following social media presences:

https://www.linkedin.com/company/ltg-incorporated-inc/

We maintain publicly accessible profiles in social networks. The social networks we use in detail can be found below.

Social networks such as Facebook, Twitter etc. can usually comprehensively analyse your user behaviour when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing operations. In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. Your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies stored on your device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.

Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policies of the respective social media portals.

12.2 Legal basis

Our social media presences are intended to ensure the most comprehensive possible presence on the internet. This is a legitimate interest within the meaning of Art. 6(1)(f) GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6(1)(a) GDPR).

12.3 Controller and exercise of rights

If you visit one of our social media presences (e.g. Facebook), we and the operator of the social media platform are jointly responsible for the data processing operations triggered during this visit. You can exercise your rights (access, rectification, erasure, restriction of processing, data portability and complaint) in principle both against us and against the operator of the respective social media portal (e.g. against Facebook).

Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

12.4 Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as you request us to delete it, you withdraw your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory provisions – in particular retention periods – remain unaffected.

We have no influence on the storage period of your data that is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

12.5 Your rights

You have the right to obtain information free of charge at any time about the origin, recipient and purpose of your stored personal data. You also have a right to object, a right to data portability and a right to lodge a complaint with the competent supervisory authority. Furthermore, you can request the rectification, blocking, deletion and, under certain circumstances, restriction of the processing of your personal data.

12.6.1 XING

We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Details on how they handle your personal data can be found in XING’s privacy policy: https://privacy.xing.com/en/privacy-policy.

12.6.2 LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies. If you wish to deactivate LinkedIn advertising cookies, please use the following link:

https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details can be found at: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

Details of how they handle your personal data can be found in LinkedIn’s privacy policy:

https://www.linkedin.com/legal/privacy-policy .

12.6.3 YouTube

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in YouTube’s privacy policy: https://policies.google.com/privacy?hl=en-GB.

13 Your rights

13.1 Access, rectification and erasure

Within the scope of the applicable statutory provisions, you have the right at any time to obtain information free of charge about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to rectification or erasure of this data. You can contact us at any time regarding this and any other questions on the subject of personal data.

13.2 Right to data portability

You have the right to have data which we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

13.3 Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restriction of processing exists in the following cases:

If you contest the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data has been/is unlawful, you may request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you require it for the exercise, defence or establishment of legal claims, you have the right to request the restriction of the processing of your personal data instead of erasure.
If you have lodged an objection pursuant to Art. 21(1) GDPR, a balancing of your interests and ours must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

Many data processing operations are only possible with your express consent. You can withdraw consent that you have already given at any time. The lawfulness of the data processing carried out until the withdrawal remains unaffected by the withdrawal.

If data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right at any time, on grounds relating to your particular situation, to object to the processing of your personal data, including profiling based on those provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims (objection pursuant to Art. 21(1) GDPR).

Where your personal data is processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing; this also applies to profiling to the extent that it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for direct marketing purposes (objection pursuant to Art. 21(2) GDPR).

13.6 Right to lodge a complaint with the competent supervisory authority

In the event of breaches of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged infringement. The right to lodge a complaint is without prejudice to any other administrative or judicial remedies.

14 Changes to our data protection provisions

We reserve the right to change our security and data protection measures if this becomes necessary, for example, due to technical developments. In these cases, we will also adapt our data protection information accordingly. Please therefore note the respective current version of our privacy policy. We naturally endeavour to check all links regularly for correctness and legality.

Status: 02/2026