top of page

Imprint and Privacy Policy

Imprint

 

 

Service Provider

Spectrum Saxophone Quartet

 

 

Contact Information
Email Address: spectrumsax4@gmail.com

Audiovisual Media Services
Country of Headquarters: Austria
Responsible Regulatory Authority: Austrian Communications Authority (KommAustria), https://www.rtr.at

 

Company Information

Business Area: Independent Artists

Liability and Intellectual Property Notices

 

 

Disclaimer:

 

The content of this online offer has been created with care and to the best of our current knowledge, but it serves only for informational purposes and does not have any legally binding effect, unless it concerns legally mandatory information (e.g., the imprint, privacy policy, general terms and conditions, or mandatory consumer information). We reserve the right to change or delete the content either in whole or in part, provided that contractual obligations remain unaffected. All offers are non-binding and without obligation.

 

 

Copyrights and Trademarks:

 

All content displayed on this website, such as texts, photographs, graphics, trademarks, and trade names, are protected by the respective intellectual property rights (copyrights, trademark rights). The use, reproduction, etc., are subject to our rights or the rights of the respective authors or rights holders.

 

 

Liability for Content:

 

As a service provider, we are responsible under §24 of the Media Act for our own content on these pages according to general laws. However, as a service provider, we are not obliged to monitor transmitted or stored third-party information or investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information under general laws remain unaffected. However, liability in this regard is only possible from the moment of knowledge of a specific legal violation. Upon becoming aware of any such legal violations, we will remove this content immediately.

 

 

Liability for Links:


Our offer contains links to external websites of third parties, on whose content we have no influence. Therefore, we cannot assume any liability for these external contents. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal content was not recognizable at the time of linking. A permanent control of the content of the linked pages is not reasonable without concrete indications of a violation of the law. Upon becoming aware of any such legal violations, we will remove such links immediately.

Privacy Policy

Table of Contents

  • Preamble

  • Data Controller

  • Overview of Data Processing

  • Relevant Legal Bases

  • Security Measures

  • Transfer of Personal Data

  • International Data Transfers

  • General Information on Data Retention and Deletion

  • Rights of Data Subjects

  • Provision of Online Services and Web Hosting

  • Use of Cookies

  • Blogs and Publication Media

  • Contact and Inquiry Management

  • Promotional Communication via Email, Mail, Fax, or Telephone

  • Web Analysis, Monitoring, and Optimization

  • Social Media Presence

  • Plug-ins and Embedded Functions and Content

 

Preamble


With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter referred to as "data") that we process, for what purposes, and to what extent. This privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and especially on our websites, in mobile applications, and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offering").

The terms used are not gender-specific.

Effective date: October 12, 2024

 

Data Controller


Spectrum Saxophone Quartet:

  • Daniel Dundus

  • Stephanie Schoiswohl

  • Severin Neubauer

  • Florian Bauer

Email Address: spectrumsax4@gmail.com

 

 

Overview of Data Processing


The following overview summarizes the types of data processed and the purposes for their processing, and it refers to the affected individuals.

 

 

Types of Data Processed

  • Master data

  • Location data

  • Contact data

  • Content data

  • Usage data

  • Meta, communication, and procedural data

  • Log data

 

 

Categories of Affected Individuals

  • Communication partners

  • Users

Purposes of Processing

  • Communication

  • Security measures

  • Direct marketing

  • Reach measurement

  • Organizational and administrative procedures

  • Feedback

  • Marketing

  • Profiles with user-related information

  • Provision of our online offering and user-friendliness

  • Information technology infrastructure

  • Public relations

  • Sales promotion

 

 

Relevant Legal Bases

Relevant Legal Bases under the GDPR: Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that, in addition to the provisions of the GDPR, national data protection regulations in your or our country of residence or establishment may apply. Should other specific legal bases be applicable in individual cases, we will inform you of these in the privacy policy.

  • Consent (Art. 6(1) sentence 1 lit. a) GDPR): The data subject has given consent to the processing of personal data concerning them for one or more specific purposes.

  • Performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1 lit. b) GDPR): The processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject.

  • Legitimate interests (Art. 6(1) sentence 1 lit. f) GDPR): The processing is necessary to protect the legitimate interests of the data controller or a third party, provided that the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, do not override those interests.

National Data Protection Regulations in Austria: In addition to the data protection regulations of the GDPR, national regulations on data protection in Austria also apply. This includes, in particular, the Federal Act on the Protection of Natural Persons in the Processing of Personal Data (Data Protection Act – DSG). The Data Protection Act contains specific provisions on the right to information, the right to rectification or deletion, the processing of special categories of personal data, processing for other purposes, and transfers, as well as automated decision-making in individual cases.

Notice Regarding the Applicability of the GDPR and Swiss DSG: This privacy notice serves to provide information under both the Swiss Data Protection Act (DSG) and the General Data Protection Regulation (GDPR). Therefore, please note that, due to the broader geographical scope and for better understanding, the terms of the GDPR are used. In particular, instead of the terms "processing" of "personal data," "overriding interest," and "sensitive personal data" as used in the Swiss DSG, the corresponding GDPR terms are used: "processing" of "personal data," "legitimate interest," and "special categories of data." However, the legal significance of the terms will still be determined in accordance with the Swiss DSG within the scope of its applicability.

 

 

Security Measures

In accordance with legal requirements, taking into account the state of the art, the costs of implementation, the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as access, input, transmission, availability, and separation of the data. Furthermore, we have established procedures that ensure the exercise of data subject rights, the deletion of data, and responses to data risks. In addition, we consider the protection of personal data during the development or selection of hardware, software, and procedures, in line with the principle of data protection by design and by default.

 

 

Transfer of Personal Data

In the course of processing personal data, it may occur that such data is transferred to other entities, companies, legally independent organizational units, or individuals, or disclosed to them. The recipients of this data may include service providers responsible for IT tasks or providers of services and content integrated into a website. In such cases, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data.

 

 

International Data Transfers

Data processing in third countries: If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if processing takes place as part of the use of services provided by third parties, or the disclosure or transfer of data to other persons, entities, or companies, this is done only in accordance with legal requirements. If the data protection level in the third country has been recognized by an adequacy decision (Art. 45 GDPR), this serves as the basis for the data transfer. Otherwise, data transfers are only carried out if the data protection level is otherwise guaranteed, particularly through standard contractual clauses (Art. 46(2) lit. c) GDPR), explicit consent, or in the case of contractually or legally necessary transfers (Art. 49(1) GDPR). Furthermore, we inform you of the basis for third-country transfers for each third-country provider, with adequacy decisions being the primary basis. Information on third-country transfers and existing adequacy decisions can be found on the EU Commission's website: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en?prefLang=de.

As part of the "Data Privacy Framework" (DPF), the EU Commission also recognized the data protection level for certain U.S. companies as secure through an adequacy decision on July 10, 2023. The list of certified companies and further information about the DPF can be found on the U.S. Department of Commerce's website at https://www.dataprivacyframework.gov/ (in English). We will inform you in our privacy notices which service providers we use that are certified under the Data Privacy Framework.

 

 

General Information on Data Storage and Deletion

We delete personal data that we process in accordance with legal requirements as soon as the underlying consent is revoked, or there are no further legal grounds for processing. This applies in cases where the original processing purpose no longer exists, or the data is no longer needed. Exceptions to this rule exist when legal obligations or special interests require longer retention or archiving of the data.

In particular, data that must be retained for commercial or tax reasons or whose storage is necessary for legal prosecution or for protecting the rights of other natural or legal persons must be archived accordingly.

Our privacy notices contain additional information on the retention and deletion of data that specifically apply to certain processing procedures.

In cases where multiple retention periods or deletion deadlines for a piece of data are provided, the longest period is always decisive.

If a period does not explicitly begin on a certain date and is at least one year, it starts automatically at the end of the calendar year in which the event triggering the period occurred. In the case of ongoing contractual relationships where data is stored, the triggering event is the date of the termination or other ending of the legal relationship.

Data that is no longer required for the originally intended purpose but is stored due to legal obligations or other reasons is processed solely for the reasons justifying its retention.

Further Notes on Processing, Procedures, and Services:

Retention and Deletion of Data: The following general retention periods apply under Austrian law for retention and archiving:

  • 10 years: Retention period for books and records, annual financial statements, inventories, management reports, opening balances, accounting records, and invoices, as well as all necessary instructions and other organizational documents (Austrian Federal Tax Code (BAO §132), Austrian Commercial Code (UGB §§190-212)).

  • 6 years: Other business documents, such as received business or commercial letters, copies of sent business or commercial letters, and other documents relevant for tax purposes, such as hourly wage statements, cost accounting sheets, calculation documents, price lists, and payroll documents, as long as they are not already accounting documents or cash receipts (BAO §132, UGB §§190-212).

  • 3 years: Data necessary for considering potential warranty and compensation claims or similar contractual claims and rights, as well as related inquiries, are stored for the duration of the regular statutory limitation period of three years (§§ 1478, 1480 ABGB).

 

 

Rights of Data Subjects

Rights of Data Subjects under the GDPR: As a data subject, you have various rights under the GDPR, particularly those outlined in Articles 15 to 21 GDPR:

  • Right to Object: You have the right, at any time, to object to the processing of personal data concerning you, which is carried out based on Art. 6(1)(e) or (f) GDPR, for reasons arising from your particular situation; this also applies to profiling based on these provisions. If personal data concerning you is processed for direct marketing purposes, you have the right to object to the processing of personal data concerning you for such marketing at any time; this also applies to profiling, as far as it is related to such direct marketing.

  • Right to Withdraw Consent: You have the right to withdraw any given consent at any time.

  • Right of Access: You have the right to request confirmation of whether data concerning you is being processed and to obtain information about this data, as well as further information and a copy of the data in accordance with legal requirements.

  • Right to Rectification: You have the right, in accordance with legal requirements, to request the completion of data concerning you or the correction of incorrect data concerning you.

  • Right to Deletion and Restriction of Processing: You have the right, in accordance with legal requirements, to request the immediate deletion of data concerning you, or alternatively, in accordance with legal requirements, to request a restriction of the processing of the data.

  • Right to Data Portability: You have the right, in accordance with legal requirements, to receive the data concerning you that you have provided to us in a structured, commonly used, and machine-readable format, or to request its transmission to another controller.

  • Right to Lodge a Complaint with a Supervisory Authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

 

Provision of the Online Offering and Web Hosting

We process users' data to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.

Types of Data Processed:

  • Usage data (e.g., page views and duration, click paths, usage intensity and frequency, types of devices and operating systems used, interactions with content and features).

  • Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).

  • Log data (e.g., logins or data retrieval logs, access times).

Data Subjects:
Users (e.g., website visitors, users of online services).

Purpose of Processing:
Provision of our online offering and user-friendliness; IT infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.)); security measures.

Retention and Deletion:
Deletion according to the specifications in the section "General Information on Data Storage and Deletion."

Legal Basis:
Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further Notes on Processing Procedures, Processes, and Services:

Collection of Access Data and Log Files:
Access to our online offering is logged in the form of "server log files." These server log files may include the address and name of accessed web pages and files, date and time of access, data volumes transferred, messages regarding successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP addresses, and the requesting provider. The server log files may be used for security purposes, such as preventing server overload (especially in the case of abusive attacks like DDoS attacks) and ensuring server load and stability; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Data Deletion: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data that needs to be retained for evidence purposes is excluded from deletion until the respective incident is finally clarified.

Use of Cookies

The term "cookies" refers to functions that store and retrieve information on users' devices. Cookies can be used for various purposes, such as ensuring the functionality, security, and comfort of online services, as well as for creating analyses of visitor flows. We use cookies in accordance with legal requirements. When necessary, we obtain users' consent beforehand. If consent is not required, we rely on our legitimate interests. This applies when storing and retrieving information is essential to provide explicitly requested content and functions. This includes, for example, storing settings and ensuring the functionality and security of our online offering. Consent can be withdrawn at any time. We provide clear information on the scope of use and the cookies being used.

Notes on Data Protection Legal Bases:
Whether we process personal data using cookies depends on the presence of consent. If consent is given, it serves as the legal basis. Without consent, we rely on our legitimate interests, as explained in this section and in the context of the respective services and procedures.

Storage Duration: The following types of cookies are distinguished regarding their storage duration:

  • Temporary Cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user leaves an online offering and closes their device (e.g., browser or mobile application).

  • Permanent Cookies: Permanent cookies remain stored even after the device is closed. For example, the login status can be saved, and preferred content can be displayed directly when a user revisits a website. Similarly, usage data collected using cookies can be used for reach measurement. If we do not provide users with explicit information on the type and duration of cookies (e.g., when obtaining consent), they should assume that these are permanent and may be stored for up to two years.

General Information on Withdrawal and Objection (Opt-out):
Users can withdraw their consent at any time and also object to the processing under the legal requirements, including through their browser's privacy settings.

Types of Data Processed:
Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).

Data Subjects:
Users (e.g., website visitors, users of online services).

Legal Bases:
Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).

Further Notes on Processing Procedures, Processes, and Services:

Processing of Cookie Data Based on Consent:
We use a consent management solution where users' consent for the use of cookies or for the procedures and providers mentioned within the consent management solution is obtained. This procedure serves to collect, record, manage, and revoke consents, particularly related to the use of cookies and similar technologies used to store, read, and process information on users' devices. In this context, users' consent for the use of cookies and the associated processing of information, including the specific processing and providers mentioned in the consent management procedure, is obtained. Users can also manage and revoke their consent. Consent declarations are stored to avoid re-asking for consent and to provide proof of consent under legal requirements. Storage takes place server-side and/or in a cookie (so-called opt-in cookie) or using similar technologies to assign consent to a specific user or their device. If there are no specific details about consent management service providers, the following general information applies: The storage duration of consent is up to two years. A pseudonymous user identifier is created and stored along with the time of consent, the scope of consent (e.g., categories of cookies and/or service providers), and information about the browser, system, and device used; Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).

 

Blogs and Publication Media

We use blogs or similar means of online communication and publication (hereinafter referred to as "publication medium"). The data of readers is only processed for the purposes of the publication medium to the extent necessary for its presentation and communication between authors and readers or for security reasons. Otherwise, we refer to the information on processing the visitors of our publication medium within these privacy notices.

Types of Data Processed:

  • Inventory data (e.g., full name, residential address, contact information, customer number, etc.).

  • Contact data (e.g., postal and email addresses or phone numbers).

  • Content data (e.g., textual or visual messages and contributions, as well as information concerning them, such as authorship or time of creation).

  • Usage data (e.g., page views and duration, click paths, usage intensity and frequency, types of devices and operating systems used, interactions with content and features).

  • Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).

Data Subjects:
Users (e.g., website visitors, users of online services).

Purpose of Processing:
Feedback (e.g., collecting feedback via online form); provision of our online offering and user-friendliness; security measures; organizational and administrative procedures.

Retention and Deletion:
Deletion according to the specifications in the section "General Information on Data Storage and Deletion."

Legal Basis:
Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further Notes on Processing Procedures, Processes, and Services:

Comments and Contributions:
When users leave comments or other contributions, their IP addresses may be stored based on our legitimate interests. This is done for our security, in case someone leaves unlawful content in comments and contributions (e.g., insults, prohibited political propaganda). In such cases, we may be held liable for the comment or contribution, and we are therefore interested in the identity of the author.

We also reserve the right to process users' information for spam detection based on our legitimate interests.

On the same legal basis, we reserve the right to store users' IP addresses during surveys and to use cookies to prevent multiple votes.

The information provided in comments and contributions about the person, such as contact and website information as well as content details, will be stored by us permanently until the users object; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

 

 

Contact and Inquiry Management

When contacting us (e.g., by post, contact form, email, phone, or via social media) as well as in the context of existing user and business relationships, the information of the inquiring persons is processed to the extent necessary to answer the contact inquiries and any requested measures.

Types of Data Processed:

  • Inventory data (e.g., full name, residential address, contact information, customer number, etc.).

  • Contact data (e.g., postal and email addresses or phone numbers).

  • Content data (e.g., textual or visual messages and contributions, as well as information concerning them, such as authorship or time of creation).

  • Usage data (e.g., page views and duration, click paths, usage intensity and frequency, types of devices and operating systems used, interactions with content and features).

  • Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).

Data Subjects:
Communication partners.

Purpose of Processing:
Communication; organizational and administrative procedures; feedback (e.g., collecting feedback via online form); provision of our online offering and user-friendliness.

Retention and Deletion:
Deletion according to the specifications in the section "General Information on Data Storage and Deletion."

Legal Basis:
Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR).

Further Notes on Processing Procedures, Processes, and Services:

Contact Form:
When contacting us via our contact form, by email, or other communication channels, we process the personal data provided to us to answer and handle the respective request. This typically includes information such as name, contact details, and, if applicable, other information necessary for appropriate handling. We use this data exclusively for the specified purpose of contacting and communicating; Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR), Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Advertising Communication via Email, Mail, Fax, or Telephone

We process personal data for the purposes of advertising communication, which may occur through various channels such as email, telephone, mail, or fax in accordance with legal regulations.

Recipients have the right to withdraw their consent at any time or object to advertising communication at any time.

After a withdrawal or objection, we store the data necessary to prove the previous authorization for contact or sending for up to three years following the year of withdrawal or objection, based on our legitimate interests. The processing of this data is limited to the purpose of potential defense against claims. Based on our legitimate interest in permanently respecting the users' withdrawal or objection, we also store the data necessary to prevent future contact (e.g., depending on the communication channel, the email address, phone number, or name).

Types of data processed: Inventory data (e.g., full name, home address, contact information, customer number, etc.); contact data (e.g., postal and email addresses or phone numbers); content data (e.g., textual or visual messages and contributions, as well as related information such as authorship or creation time).

Affected individuals: Communication partners.

Purposes of processing: Direct marketing (e.g., via email or post); marketing; sales promotion.

Retention and deletion: Deletion is in accordance with the information provided in the section "General Information on Data Retention and Deletion."

Legal bases: Consent (Art. 6(1)(1)(a) GDPR); legitimate interests (Art. 6(1)(1)(f) GDPR).

Web Analysis, Monitoring, and Optimization

Web analysis (also referred to as "reach measurement") is used to evaluate the visitor flows of our online offering and may include behavior, interests, or demographic information about visitors, such as age or gender, as pseudonymous values. With the help of reach analysis, we can, for example, determine when our online offering or its functions and content are most frequently used or invite reuse. It also allows us to identify areas that need optimization.

In addition to web analysis, we may use testing procedures to test and optimize different versions of our online offering or its components.

Unless otherwise stated below, profiles (i.e., data grouped by a usage process) may be created for these purposes, and information may be stored and read in a browser or end device. The collected data primarily includes visited websites and the elements used there, as well as technical information, such as the browser used, the computer system, and usage times. If users have consented to the collection of their location data either with us or with the providers of the services we use, location data may also be processed.

Furthermore, users' IP addresses are stored. However, we use an IP masking procedure (i.e., pseudonymization by shortening the IP address) to protect users. Generally, no clear data of users (such as email addresses or names) is stored as part of web analysis, A/B testing, or optimization, but pseudonymous data. This means that we, as well as the providers of the software used, do not know the actual identity of the users but only the information stored in their profiles for the respective procedures.

Legal bases: If we ask users for their consent to use third-party providers, the legal basis for the processing of data is consent. Otherwise, user data is processed based on our legitimate interests (i.e., interest in efficient, economic, and recipient-friendly services). In this context, we also refer you to the information on the use of cookies in this privacy policy.

Types of data processed: Usage data (e.g., page views and time spent, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and features); meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved individuals).

Affected individuals: Users (e.g., website visitors, users of online services).

Purposes of processing: Reach measurement (e.g., access statistics, recognition of returning visitors); profiles with user-related information (creation of user profiles); provision of our online offering and user-friendliness.

Retention and deletion: Deletion in accordance with the information provided in the section "General Information on Data Retention and Deletion." Cookies may be stored for up to 2 years (unless otherwise stated, cookies and similar storage methods may be stored on users' devices for up to two years).

Security measures: IP masking (pseudonymization of IP addresses).

Legal bases: Consent (Art. 6(1)(1)(a) GDPR); legitimate interests (Art. 6(1)(1)(f) GDPR).

Presence on Social Networks (Social Media)

We maintain online presences on social networks and process user data in this context to communicate with active users or provide information about us.

We point out that user data may be processed outside the European Union, which can pose risks to users, such as making it more difficult to enforce their rights.

Furthermore, user data on social networks is typically processed for market research and advertising purposes. For example, usage profiles may be created based on user behavior and interests, which may be used to display ads within and outside the networks that are likely aligned with users' interests. Cookies are often stored on users' devices to record user behavior and interests. These usage profiles may also store data across devices, particularly if users are logged into their respective platforms.

For detailed information on specific processing methods and options to object (opt-out), we refer to the privacy policies of the respective network operators.

We also point out that inquiries regarding access to information or the exercise of user rights are most effectively directed to the network providers themselves, as only they have direct access to user data and can take the appropriate measures. If you still need assistance, you can contact us.

Processed Data Types: Contact data (e.g., postal addresses, email addresses, or phone numbers); content data (e.g., text or image messages and posts, including associated information such as author details or timestamps). Usage data (e.g., page views, dwell times, click paths, usage frequency, device types, operating systems, interactions with content and features).

Affected Persons: Users (e.g., website visitors, online service users).

Processing Purposes: Communication; feedback (e.g., collecting feedback via online forms); public relations.

Retention and Deletion: Deletion as per the section "General Information on Data Retention and Deletion."

Legal Bases: Legitimate interests (Art. 6(1)(f) GDPR).

Further Information on Processing Methods, Procedures, and Services:

  • Instagram: Social network for sharing photos and videos, commenting, favoriting posts, messaging, subscribing to profiles and pages. Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. Legal basis: Legitimate interests (Art. 6(1)(f) GDPR). Website: https://www.instagram.com; Privacy policy: https://privacycenter.instagram.com/policy/. Data transfers outside the EU based on: Data Privacy Framework (DPF).

  • Facebook Pages: Social network profiles. We are jointly responsible with Meta Platforms Ireland Limited for collecting (but not further processing) visitor data on our Facebook page ("Fanpage"). Data includes content interactions, device information (IP addresses, operating systems, browsers, etc.). For more details, see Facebook’s Privacy Policy. Insights data is jointly controlled, and we have a special agreement with Facebook governing these rights. Service provider: Meta Platforms Ireland Limited. Data transfers outside the EU based on: DPF.

  • LinkedIn: Social network. We are jointly responsible with LinkedIn Ireland Unlimited Company for the collection (but not further processing) of visitor data used to generate "Page Insights" statistics. Data includes content interaction details, device information, and user profile information (job title, country, industry, etc.). Privacy policy: https://www.linkedin.com/legal/privacy-policy. Service provider: LinkedIn Ireland Unlimited Company. Data transfers outside the EU based on: DPF. Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

  • X (formerly Twitter): Social network. Service provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. Legal basis: Legitimate interests (Art. 6(1)(f) GDPR). Website: https://x.com. Privacy policy: https://x.com/de/privacy.

 

Plug-ins and Embedded Features and Content

We integrate functional and content elements into our online offerings that are sourced from the servers of their respective providers (hereinafter referred to as "third parties"). This may include graphics, videos, or city maps (hereinafter collectively referred to as "content").

The integration always assumes that the third-party providers of this content process the users' IP addresses, as they would not be able to send the content to their browsers without an IP address. The IP address is therefore necessary for the display of this content or functions. We strive to use only those contents whose respective providers apply the IP address solely for the delivery of the content. Third parties may also employ so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. Through the pixel tags, information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information may also be stored in cookies on the users' devices and may include technical information about the browser and operating system, referring websites, visit times, and other information about the use of our online offerings, but may also be combined with such information from other sources.

Notes on Legal Grounds: If we ask users for their consent for the use of third parties, the legal basis for data processing is consent. Otherwise, user data is processed based on our legitimate interests (i.e., interest in efficient, economical, and user-friendly services). In this context, we would also like to point you to the information regarding the use of cookies in this privacy policy.

  • Processed Data Types: Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, types of devices and operating systems used, interactions with content and functions); meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved parties); inventory data (e.g., full name, residential address, contact information, customer number, etc.); contact data (e.g., postal and email addresses or phone numbers); content data (e.g., textual or visual messages and posts and the related information, such as authorship or creation time). Location data (information about the geographic position of a device or person).

  • Affected Individuals: Users (e.g., website visitors, users of online services).

  • Purposes of Processing: Provision of our online offerings and user-friendliness.

  • Storage and Deletion: Deletion according to the information in the section "General Information on Data Storage and Deletion." Storage of cookies for up to 2 years (unless otherwise specified, cookies and similar storage methods can be stored on users' devices for a period of two years).

  • Legal Grounds: Consent (Art. 6 (1) Sentence 1 lit. a) GDPR). Legitimate interests (Art. 6 (1) Sentence 1 lit. f) GDPR).

Further Notes on Processing Processes, Procedures, and Services:

  • Google Fonts (Sourcing from the Google Server): Accessing fonts (and symbols) for the purpose of ensuring a technically secure, maintenance-free, and efficient use of fonts and symbols in terms of currentness and loading times, their uniform representation, and consideration of possible licensing restrictions. The font provider is informed of the user's IP address so that the fonts can be provided in the user's browser. In addition, technical data (language settings, screen resolution, operating system, hardware used) is transmitted, which is necessary for the provision of the fonts depending on the devices used and the technical environment. This data may be processed on a server of the font provider in the USA. When visiting our online offerings, users' browsers send their browser HTTP requests to the Google Fonts Web API (i.e., a software interface for retrieving fonts). The Google Fonts Web API provides users with the cascading style sheets (CSS) of Google Fonts and then the fonts specified in the CSS. These HTTP requests include (1) the IP address used by the respective user to access the internet, (2) the requested URL on the Google server, and (3) the HTTP headers, including the user agent that describes the browser and operating system versions of website visitors, as well as the referring URL (i.e., the webpage where the Google font is to be displayed). IP addresses are neither logged nor stored on Google servers, and they are not analyzed. The Google Fonts Web API logs details of the HTTP requests (requested URL, user agent, and referring URL). Access to this data is restricted and strictly controlled. The requested URL identifies the font families for which the user wants to load fonts. This data is logged so that Google can determine how often a specific font family is requested. In the Google Fonts Web API, the user agent adjusts the font generated for the specific browser type. The user agent is primarily logged for debugging and used to generate aggregated usage statistics that measure the popularity of font families. These aggregated usage statistics are published on the "Analytics" page of Google Fonts. Finally, the referring URL is logged so that the data can be used for maintaining production and generating an aggregated report on the top integrations based on the number of font requests. Google states that it does not use any of the information collected by Google Fonts to create profiles of end users or target advertisements; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; legal grounds: legitimate interests (Art. 6 (1) Sentence 1 lit. f) GDPR); website: https://fonts.google.com/; privacy policy: https://policies.google.com/privacy; basis for transfers to third countries: Data Privacy Framework (DPF). More information: https://developers.google.com/fonts/faq/privacy?hl=en.

  • Google Maps: We embed the maps of the "Google Maps" service from provider Google. Processed data may particularly include IP addresses and location data of users; service provider: Google Cloud EMEA Limited, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland; legal grounds: consent (Art. 6 (1) Sentence 1 lit. a) GDPR); website: https://mapsplatform.google.com/; privacy policy: https://policies.google.com/privacy. Basis for transfers to third countries: Data Privacy Framework (DPF).

  • YouTube Videos: Video content; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; legal grounds: consent (Art. 6 (1) Sentence 1 lit. a) GDPR); website: https://www.youtube.com; privacy policy: https://policies.google.com/privacy; basis for transfers to third countries: Data Privacy Framework (DPF). Opt-out option: Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=en, settings for displaying ads: https://myadcenter.google.com/personalizationoff.

  • SoundCloud: This website may integrate plugins from the social network SoundCloud (SoundCloud Limited, Berners House, 47-48 Berners Street, London W1T 3NF, UK). You can recognize the SoundCloud plugins by the SoundCloud logo on the affected pages. When you visit this website, a direct connection is established between your browser and the SoundCloud server after the plugin is activated. This allows SoundCloud to obtain the information that you visited this website with your IP address. If you click the "Like" button or "Share" button while logged into your SoundCloud account, you can link and/or share the contents of this website with your SoundCloud profile. This allows SoundCloud to associate your visit to this website with your user account. We point out that as the provider of the pages, we have no knowledge of the content of the transmitted data and its use by SoundCloud. The storage and analysis of the data is carried out based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in achieving the broadest possible visibility on social media. If consent was requested, processing is carried out exclusively based on Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG, as far as the consent includes the storage of cookies or access to information on the user's end device (e.g., device fingerprinting) within the meaning of TTDSG. Consent can be revoked at any time. The UK is considered a safe third country in terms of data protection law. This means that the UK has a level of data protection that corresponds to the level of data protection in the European Union. For further information, please see the SoundCloud privacy policy at: https://soundcloud.com/pages/privacy. If you do not wish for SoundCloud to associate your visit to this website with your SoundCloud user account, please log out of your SoundCloud account before activating content from the SoundCloud plugin.

  • Spotify This website includes functions from the music service Spotify. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden. The Spotify plugins can be recognized by the green logo on this website. An overview of the Spotify plugins can be found at: https://developer.spotify.com. As a result, when visiting this website, a direct connection between your browser and the Spotify server can be established through the plugin. This allows Spotify to obtain the information that you visited this website with your IP address. If you click the Spotify button while logged into your Spotify account, you can link the contents of this website to your Spotify profile. This allows Spotify to associate your visit to this website with your user account. We would like to point out that when using Spotify, cookies from Google Analytics are employed, so your usage data may also be shared with Google when using Spotify. Google Analytics is a tool from the Google group for analyzing user behavior based in the USA. Spotify is solely responsible for this integration.

bottom of page