Privacy policy

PROTECTING YOUR DATA, SAFEGUARDING YOUR TRUST.

Thank you for visiting our website. We would like to inform you below about the processing of your personal data on our website. 

Controller 

intimus International GmbH 
Bergheimer Straße 6-16 
88677 Markdorf 
Germany 

Contact: 
Phone: +49 (0) 7544 60-0 
Email: sales.de@intimus.com 

Data Protection Officer 

DDSK GmbH 
Mr. Stefan Fischerkeller 
Dr.-Klein-Str. 29, 88069 Tettnang 
Germany  

Contact: 
Phone: +49 (0) 7542 949 21-00 
Email: datenschutz@intimus.com  

Terms 

The technical terms used in this privacy policy are to be understood as legally defined in Art. 4 GDPR. 

The terms "user" and "website visitor" are used synonymously in our privacy policy. 

Recipients of data 

Recipients of data are named in our privacy policy under the respective category/heading. 

Categories of data subjects 

The categories of data subjects are website visitors and other users of online services. 

Information on data processing 

Automated data processing (log files etc.) 

Our website can be visited without actively providing personal information about the user. However, every time our website is accessed, we automatically store access data (server log files), such as the name of the internet service provider, the operating system used, the website the user visited us from, the date and duration of the visit and the name of the file accessed, as well the IP address of the device used (for security reasons, such as to recognise attacks on our website) for a duration of 7 days. This data is solely evaluated for the purpose of improving our offering and does not enable conclusions to be drawn about the person of the user. This data is not merged with other data sources. We process and use the data for the following purposes:  to provide the website, to improve our websites and to prevent and identify errors/malfunctions and the abuse of the website.  

Data categories:
Meta and communication data (e.g. IP address, date and time of access, time, type of HTTP request, website from which access is made (referrer URL), browser used and, if applicable, operating system of the accessing computer (user agent)) 

Purpose of processing:
Prevention and detection of errors/malfunctions, detection of misuse of the website 

Legal base:
legitimate interests (Art. 6 (1) (f) GDPR) 

Legitimate interests:
Fraud prevention to detect misuse of the website

Required cookies (functionality, opt-out links, etc.) 

In order to enable the use of the basic functions on our website and to provide the service requested by the user, we use so-called cookies on our website. Cookies are a standard Internet technology for storing and retrieving information for website users. Cookies represent information and/or data that can be stored on the user's end device, for example. With classic cookie technology, the user's browser is instructed to store certain information on the user's device when a specific website is accessed. 

Strictly necessary cookies are used to provide a telemedia service expressly requested by the user, e.g: 

  • Cookies for error analysis and security purposes 
  • Cookies for storing logins 
  • Cookies to store data in online forms if the form extends over several pages 
  • Cookies for storing (language) settings 
  • Cookies to store items placed in the shopping cart by users in order to complete the purchase 
  • Cookies for storing consent or revocation (opt-in, opt-out) 

Some of the cookies used (so-called session cookies) are deleted after the end of the browser session, i.e. after closing the browser. 

Cookies can be deleted by users retrospectively in order to remove data that the website has stored on the user's computer. 

The data processing described above may also relate to information that is not personal but constitutes information within the meaning of the TTDSG. In these cases, too, this information may be required for the use of an expressly requested service and may therefore be stored in accordance with Section 25 TTDSG. 

Opt-Out:

Firefox: 
https://support.mozilla.org/de/kb/wie-verhindere-ich-dass-websites-mich-verfolgen 

Google Chrome: 
https://support.google.com/chrome/answer/95647?hl=de  

Microsoft Edge: 
https://support.microsoft.com/de-de/microsoft-edge/inprivate-browsen-in-microsoft-edge-cd2c9a48-0bc4-b98e-5e46-ac40c84e27e2  

Opera: 
https://help.opera.com/en/latest/security-and-privacy/ 

Safari 
https://support.apple.com/de-de/HT201265  

Legal base:
Legitimate interests (Art. 6 para. 1 lit. f) GDPR in conjunction with Section 25 para. 2 no. 2 TTDSG), consent (Art. 6 para. 1 lit. a) GDPR in conjunction with Section 25 para. 1 TTDSG) 

Legitimate interests:
Storage of opt-in preferences, ensuring the functionality of the website, preserving user status across the entire website 

Storage and processing of unnecessary information and data 

Beyond the required scope, user data may be processed by means of cookies, similar technologies or application-related technologies, e.g. for the purpose of (cross-website) tracking or personalized advertising etc.. Data may be transmitted to third-party providers. The storage and further processing of user data that is not absolutely necessary to provide the telemedia service is then carried out on the basis of consent within the meaning of Art. 6 para. 1 lit. a) GDPR (if applicable in conjunction with § 25 para. 1 sentence 2 TTDSG). 

Consent Management Tool (Consent management) 

We use a consent management process on our website to store and manage the consent given by website visitors in a verifiable manner in accordance with data protection requirements. The consent management platform used helps us to recognize all cookies and tracking technologies and to control them based on the consent status. At the same time, visitors to our website can use the consent management service we have integrated to manage the consents and preferences given (optional setting of cookies and other technologies that are not required) or revoke consent at any time using the button. 

The status of the consent is stored on the server and/or in a cookie (so-called opt-in cookie) or a comparable technology in order to be able to assign the consent to a user or their device. The time of the declaration of consent is also recorded. 

Data categories:
Usage data (e. g. websites visited, interest in content, access times), metadata and communication data (e. g. device information, IP addresses) 

Purposes of processing:
Fulfilment of accountability obligations, Consent management 

Legal bases:
Legal obligation (Art. 6 para 1 lit. c) GDPR, Art. 7 GDPR 

Cookieman 

Recipient of data:
d-mind GmbH, Mörikestraße 69, 70199 Stuttgart, Deutschland 

Third country transfer:
Does not take place 

Privacy Policy:
https://www.d-mind.de/datenschutz/  

Hosting 

Our online offer is hosted by an external service provider. Personal data of the website visitors to our online offer, so-called log files, are stored on the servers of our service provider. This may also be data that is collected during the active use of our website. By using a specialised service provider, we can provide our website securely and efficiently. The hosting provider we use does not process the data for its own purposes.  

Data categories:                    
Usage data (e. g. websites visited, interest in content, access times), metadata and communication data (e. g. device information, IP addresses)

Purposes of processing:       
Proper presentation and optimization of the website, faster and location-independent accessibility of the website

Legal bases:                          
Consent (article 6 (1) (a) GDPR), legitimate interest (article 6 (1) (f) GDPR)

Legitimate interests:              
Avoidance of downtimes, high scalability, reduction of the bounce rate on the website

Recipient of data:                    
Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany

Legal base:                             
egitimate interest (article 6 (1) (f) GDPR)

Third country transfer:              
Does not take place

Privacy Policy:                         
https://www.hetzner.com/de/legal/privacy-policy/

Google APIs 

Recipient of data:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland 
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA 

Legal base:
Consent (article 6 (1) (a) GDPR) 

Third country transfer:
Based on the adequacy decision of the European Commission for the USA 

Privacy Policy:
https://policies.google.com/privacy?hl=en-US  

Google Static 

Recipient of data:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland 
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA 

Legal base:
Consent (article 6 (1) (a) GDPR) 

Third country transfer:
Based on the adequacy decision of the European Commission for the USA 

Privacy Policy:
https://policies.google.com/privacy?hl=en-US  

Website support and consulting, web agency 

We have commissioned a web agency to provide support and advice for services and applications on our website. This agency supports us in all activities related to the design and functionality of our website. In this context, the web agency selected by us receives the access data for our website in order to make necessary adjustments and changes, such as the design of forms or other programming activities.  

The web agency also supports us in maintaining and managing our social media accounts, our content management system and our accounts with search engine providers.  

Access to personal data, such as data from forms or log data of website visitors, cannot be ruled out. The web agency therefore acts as a so-called processor for us and only acts on our instructions. Data is not processed for other purposes.  

Data categories:
Usage data (e.g. access times), meta and communication data (e.g. device information, IP addresses), contact data (e.g. email address), content data (e.g. text information), evaluation data from social media accounts (e.g. anonymized statistics) 

Purposes of processing:
Support with web analysis and optimization, analysis of user behavior on the website (website interaction) for web optimization and reach measurement, checking the utilization of the website 

Legal bases:
legitimate interest (article 6 (1) (f) GDPR) 

Legitimate interests:
Support and assistance with website maintenance through high level of expertise, efficiency through outsourcing 

quarterloop gmbh 

Recipient of data:
quarterloop gmbh, Zwanzigerstraße 16, 88131 Lindau, Germany 

Third country transfer:
Does not take place 

Privacy Policy:
https://www.skouz.de/datenschutz 

Web analytics and optimization 

We use procedures on our website to analyze user behavior and to measure reach. For this purpose, information about the behaviour, interests or demographic information of visitors is collected in order to determine whether and where our website needs to be optimized or adapted (e.g. forms on the website, improved placement of buttons or call-to-action buttons, etc.).  

We can also measure the click and scroll behavior of website visitors. Among other things, this helps us to recognize at what time our website, its functions or content are most frequented.  

The collection of this data is made possible by the use of certain technologies (e.g. cookies). These are stored on users' end devices as part of client-side tracking when they visit our website.  

We take precautions to protect the identity of our website visitors. We do not process any clear data of website visitors for the purposes described above.  

Data categories:
Usage data (e.g. websites visited, interest in content, access times), demographic characteristics (age, gender), meta and communication data (e.g. device information, anonymized IP addresses, location data), contact data (e.g. email address), content data (e.g. text information) 

Purposes of processing:
Checking the status of target achievement (success control) of all online activities: Analysis of user behaviour on the website (website interaction) for web optimization and reach measurement, checking the utilization of the website, lead evaluation, sales increase, budget control 

Legal bases:
Consent (article 6 (1) (a) GDPR) 

Google Analytics 

Recipient of data:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland 
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA 

Legal base:
Consent (article 6 (1) (a) GDPR) 

Third country transfer:
Based on the adequacy decision of the European Commission for the USA 

Privacy Policy:
https://policies.google.com/privacy?hl=en-US  

Online marketing 

Search Engine Marketing (Advertising in search engines) 

We use search engine marketing methods. Search engine marketing includes all measures that are suitable for improving the visibility of our website in the organic or non-organic search results of search engines, increasing our reach and thus increasing traffic (visitor traffic) to our website. We can also use search engine marketing to generate new prospects (leads). The search engine provider sells us advertising space on the search engine results page or on websites of the search engine provider's partners. 

The advertisements can therefore be placed on various external platforms or websites. The ads are displayed to users in the form of text, display or video ads. 

Using our tracking tool, we first create a campaign for search engine advertising and store various dimensions there that are to be recorded by the search engine provider selected by us, e.g. user location, device information and target groups (demographic characteristics). This enables us to gain further insights into the interests in our content/products and, if necessary, to recognize trends. 

The process is implemented using a cookie or similar technology. When a visitor visits our website or searches for a specific keyword within the search engine used (e.g. Google), a cookie or similar technology is set on the website visitor's end device. This data may include, for example, user locations and device information, which is transmitted to the search engine provider's server. The search engine provider aggregates this data and makes it available to us automatically in the form of a statistical analysis via a dashboard in our account with the search engine provider. 

The statistics provide us with information about which of our ads were clicked on, how often and at what prices, and whether our marketing measures led to a so-called event (e.g. downloading a PDF or playing a video) or a conversion (e.g. purchase of a product or registration on our website). The evaluation serves to analyze the success of our online activities. Because every click on an ad incurs costs for us, these clicks on external platforms and websites are recorded using our tracking tool. The recording is used for budget and success control. 

Note: 
Website visitor data (e.g. name and e-mail address) can be assigned directly if they are logged into their account with the search engine provider. If assignment via the profile is not desired, the website visitor must log out of the search engine provider before visiting our website. 

Data categories:
Usage data (e.g. websites visited, interest in content, access times), metadata and communication data (e.g. device information, IP addresses), location data, contact data (e.g. email address, telephone number), content data (e.g. text inputs, photographs, videos) 

Purposes of processing:
Increase in sales and reach, conversion measurement, target group formation, identification of trends for the development of marketing strategies 

Legal bases:
Consent (article 6 (1) (a) GDPR) 

Moat 

Recipient of data:
ORACLE Deutschland B.V. & Co. KG, Riesstraße 25, 80992 München, Germany 

Legal base:                             
Consent (article 6 (1) (a) GDPR)

Third country transfer:
Does not take place 

Privacy Policy:
https://www.oracle.com/de/legal/privacy/ 

Presence on social media 

We maintain a company profile on social networks and career platforms in order to increase our visibility among potential customers and interested parties and to make our company visible to the public. 

Social networks help us to increase our reach and actively promote interaction and communication with users. Activity and communication on social media plays a key role in attracting new customers and employees. Social media and the website can be used to share relevant information about our company, publicize events and communicate important short-term announcements and job vacancies. They also help us to get in touch with users quickly and easily. 

Social media platform operators create so-called user profiles based on the usage behavior of users, for example the indication of interests (likes, shares). These are used to adapt advertisements to the interests of target groups. When users are active on social media channels, cookies or other technologies are regularly stored on users' end devices, in some cases regardless of whether they are registered users of the social network.  

Insights (statistics) 

The data evaluated by the social media platform operators are provided to us in the form of anonymized statistics, which means that they no longer contain any personal data of users. We can use the statistics to see, for example, how often and at what time our social media profile was visited. It is currently not possible for fan page operators to deactivate this function. We therefore have no influence on the extent to which the data is processed by social media platforms. 

Depending on where the social network is operated, user data may be processed outside the European Union or outside the European Economic Area. This may result in risks for users because it makes it more difficult to enforce their rights.  

Data categories:
Master data (e.g. name, address), contact data (e.g. email address, telephone number), content data (e.g. text inputs, photographs, videos), usage data (e.g. websites visited, interest in content, access times), metadata and communication data (e.g. device information, IP addresses) 

Purposes of processing:
Increase in the reach, networking of users 

Legal bases:
legitimate interest (article 6 (1) (f) GDPR), Consent (article 6 (1) (a) GDPR) 

Legitimate interests:
Interaction and communication on social media pages, increase in profits, findings regarding target groups 

Facebook

Recipient of data:
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland 
Meta Platforms Inc. 1601 Willow Rd, Menlo Park, CA 94025, USA 

Opt-Out-Link:
https://www.facebook.com/policies/cookies/ 

Legal base:
Consent (article 6 (1) (a) GDPR) 

Third country transfer:
Based on the adequacy decision of the European Commission for the USA 

Privacy Policy:
https://www.facebook.com/privacy/explanation 

Instagram 

Recipient of data:
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland 
Meta Platforms Inc. 1601 Willow Rd, Menlo Park, CA 94025, USA 

Opt-Out-Link:
https://www.instagram.com/accounts/login/?next=/accounts/privacy_and_security/ 

Legal base:
Consent (article 6 (1) (a) GDPR) 

Third country transfer:
Based on the adequacy decision of the European Commission for the USA 

Privacy Policy:
https://help.instagram.com/519522125107875 

LinkedIn

Recipient of data:
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland 

Legal bases:
Consent (article 6 (1) (a) GDPR) 

Third country transfer:
Does not take place 

Privacy Policy:
https://www.linkedin.com/legal/privacy-policy  

Twitter

Recipient of data:
Twitter International Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Irland 

Opt-Out-Link:
https://help.twitter.com/de/rules-and-policies/twitter-cookies#privacy-options 

Legal base:
Consent (article 6 (1) (a) GDPR) 

Third country transfer:
Does not take place 

Privacy Policy:
https://twitter.com/de/privacy 

Xing

Recipient of data:
New Work SE, Am Strandkai 1, 20457 Hamburg, Germany 

Legal base:
Consent (article 6 (1) (a) GDPR) 

Third country transfer:
Does not take place 

Privacy Policy:
https://privacy.xing.com/de/datenschutzerklaerung 

YouTube 

Recipient of data:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland 
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA 

Legal base:
Consent (article 6 (1) (a) GDPR) 

Third country transfer:
Based on the adequacy decision of the European Commission for the USA 

Privacy Policy:
https://policies.google.com/privacy?hl=en-US  

Plug-ins and integrated third-party content 

Our website includes functions and elements that are obtained from third-party providers. These are, for example, videos, presentations, buttons, map services (maps) or contributions (hereinafter referred to as content ). If this third-party content is accessed by website visitors (e.g. click, play, etc.), information and data are collected and linked to the website visitor's end device in the form of cookies or other technologies (e.g. pixels, Java Script commands or web assembly) and transmitted to the server of the third-party provider used. As a result, the third-party provider receives usage and interaction data of the website visitor. 

It is not possible to load and display this third-party content without this processing operation. 

In order to protect the personal data of website visitors, we have taken protective measures to prevent the automatic transmission of this data to the third-party provider. This data is only transmitted when users actively use the buttons and click on the third-party content. 

Data categories:
Usage data (e.g. websites visited, interests, access time), meta and communication data (e.g. device information, anonymized IP address) 

Purposes of processing:
Sharing posts and content, interest- and behavior-based marketing, evaluation of statistics, cross-device tracking, increasing reach in social media 

Legal bases:
Consent (article 6 (1) (a) GDPR) 

Google Fonts 

Recipient of data:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland 
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA 

Legal base:
Consent (article 6 (1) (a) GDPR) 

Third country transfer:
Based on the adequacy decision of the European Commission for the USA 

Privacy Policy:
https://policies.google.com/privacy?hl=en-US  

Google Play 

Recipient of data:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland 
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA 

Legal base:
Consent (article 6 (1) (a) GDPR) 

Third country transfer:
Based on the adequacy decision of the European Commission for the USA 

Privacy Policy:
https://policies.google.com/privacy?hl=en-US  

YouTube 

Recipient of data:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ir-land 
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA 

Legal base:                             
Consent (article 6 (1) (a) GDPR)

Third country transfer:
Based on the adequacy decision of the European Commission for the USA 

Privacy Policy: 
https://policies.google.com/privacy?hl=de&gl=de  

Newsletter and broad communication (with tracking) 

On our website, users have the option of subscribing to our newsletter or any notifications via various channels (hereinafter referred to as "newsletter"). We only send newsletters in accordance with the statutory provisions to recipients who have consented to receive the newsletter. We use a selected service provider to send our newsletter. 

To subscribe to our newsletter, you must provide an e-mail address. We may also collect additional data, such as your name, in order to personalize our newsletter.  

Our newsletter is only sent after the double opt-in procedure has been completed. If website visitors decide to subscribe to our newsletter, they will receive a confirmation e-mail, which serves to prevent the misuse of false e-mail addresses and to prevent the newsletter from being sent by a simple, possibly inadvertent click. You can unsubscribe from our newsletter at any time in the future. An unsubscribe link (opt-out link) is included at the end of each newsletter. 

We are also obliged to provide proof that our subscribers actually wanted to receive the newsletter. For this purpose, we collect and store the IP address and the time of subscription and unsubscription. 

Newsletter tracking 

Our newsletters are designed in such a way that it is possible for us to gain insights into improvements, target groups or the reading behavior of our subscribers. This enables us to use a so-called web beacon or tracking pixel, which reacts to interactions with the newsletter, for example whether links are clicked on, whether the newsletter is opened at all or at what time the newsletter is read. For technical reasons, we can assign this information to individual subscribers. 

Data categories:
Master data (e.g. name, address), contact data (e.g. e-mail address, telephone number), meta and communication data (e.g. device information, IP address), usage data (e.g. interests, access times) 

Purposes of processing:
Marketing, customer retention and new customer acquisition, analysis and evaluation of the success of the campaign. 

Legal bases:
Consent (article 6 (1) (a) GDPR) 

Mailchimp (INTUIT) 

Recipient of data:
The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA 

Legal base:                             
Consent (article 6 (1) (a) GDPR)

Third country transfer:
Based on the adequacy decision of the European Commission for the USA 

Privacy Policy: 
https://mailchimp.com/legal/privacy/ 

Advertising communication 

We also use data provided to us, which we have received e.g. in the context of an order or commissioning of a service etc., for advertising purposes, in particular to inform you on various channels about news from us or from our portfolio of offers. We will contact you for advertising purposes within the framework of the legal requirements and - if necessary - after obtaining your consent. If the recipients of our advertising do not wish to receive it, they can inform us of this at any time and object or withdraw their consent. The unsubscribe button in our email can be used for this purpose.  Only those users who have not objected to receiving our advertising in advance will receive it.  

We have commissioned a service provider to send the advertising messages. This service provider acts exclusively on our instructions. The data is not processed for purposes other than sending. 

Data categories:
Master data (e.g. name, address), contact data (e.g. e-mail address, telephone number if applicable) 

Purposes of processing:
Direct marketing 

Legal bases:
legitimate interest (article 6 (1) (f) GDPR), Consent (article 6 (1) (a) GDPR) 

Legitimate interests:
Retention of existing and acquisition of new contacts or contractual partners, information about similar goods and services. 

eCommerce and payment methods 

Online store and orders 

We offer our customers the opportunity to use our online store on our website to purchase our products.  

We collect the data required from users and buyers for the initiation and execution of the contract. 

If users visit our online store and place items in their shopping cart, cookies are stored on the user's device to ensure that the items remain in the shopping cart until the order process is completed. During the process, no data is transferred to third parties via cookies. Likewise, we have not integrated any third-party elements via the shopping cart function.  

Users or customers receive an automatically generated e-mail from us after completing the order process, which confirms the successful completion of the order. We may inform our customers separately by e-mail about the status of their order (e.g. expected delivery date).  

Data categories:
Master data (e.g. name, address, country), contact data (e.g. e-mail address), contract data (e.g. order history, payment data and means of payment), meta and communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in products/services, access times), returns data (e.g. details of the item, processing request) 

Purposes of processing:
Contract initiation and execution, interest-based advertising, customer account-related discounts where applicable Direct marketing 

Legal bases:
Contract initiation and execution (Art. 6 para. 1 lit. b) GDPR), legitimate interests (Art. 6 para. 1 lit. f) GDPR) 

Legitimate interests:
Increasing sales, enabling the purchase of products in the online store regardless of time and place is in the potential interest of users. 

Contacting us 

On our online offering, we offer the option of contacting us directly or requesting information via various contact options. 

In the event of contact being made, we process the data of the person making the enquiry to the extent necessary for answering or handling their enquiry. The data processed can vary depending on the method via which contact is made with us. 

Data categories:
Master data (e.g. name, address), contact data (e.g. email address, telephone number), content data (e.g. text inputs, photographs, videos), metadata and communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in content, access times) 

Purposes of processing:
Processing requests 

Legal bases:
Consent (article 6 (1) (a) GDPR), performance of contract (article 6 (1) (b) GDPR) 

Blog and forum 

We have provided a blog or comparable publication options on our website. We would like to give visitors the opportunity to contact us in this way or to share their thoughts and suggestions.  

If users publish comments and contributions on our site, we are obliged to prevent unlawful content or its publication on our site. In order to comply with this obligation and to protect our interests in indemnifying ourselves in the event that we are held liable for the third-party contribution, we collect the IP address of the respective user. This also helps us to recognize spam. 

Furthermore, there is no obligation for users to provide information within the function provided that could allow conclusions to be drawn about the user's identity. A contribution can also be published using a pseudonym. This allows the user to determine which data and content we process.  

Data categories:
Master data (e.g. name, address), Contact data (e.g. e-mail address, telephone number), Content data (e.g. text input, photographs, videos), Usage data (e.g. interests, access times), Meta and communication data (e.g. device information, IP address), Contract data (e.g. subject matter of the contract) 

Purposes of processing:
Networking users, building customer loyalty, service and feedback 

Legal bases:
Consent (Art. 6 para. 1 lit. a) GDPR), legitimate interest (Art. 6 para. 1 lit. f) GDPR) 

Legitimate interests:
Indemnification in the event of liability, prevention, security of the online presence, duplication of communication channels, optimization of the website. 

Online conferences, meetings and webinars  

We make use of the opportunity to hold online conferences, meetings and webinars. To do so, we use offerings provided by other carefully selected providers.  

When actively using offerings of this nature, data regarding the participants in the communication is processed and stored on the servers of the third-party services used, provided this data is necessary for the communication process. In addition, usage data and metadata can also be processed.  

Data categories:
Master data (e.g. name, address), contact data (e.g. email address, telephone number), Content data (e.g. text inputs, photographs, videos), metadata and communication data (e.g. device information, IP addresses)  

Purposes of processing:
Processing of enquiries, increase in efficiency, promotion of cross-company or cross-location collaboration 

Legal bases:
Consent (article 6 (1) (a) GDPR) 

Microsoft Teams 

Recipient of data:
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA 

Third country transfer:
Based on the adequacy decision of the European Commission for the USA 

Privacy:
https://privacy.microsoft.com/de-de/privacystatement 

Further mandatory information on data processing 

Data transfer 

We transfer the personal data of website visitors for internal purposes (e.g. for internal administration or to the HR department in order to comply with legal or contractual obligations). The internal data transfer or disclosure of data takes place to the extent necessary in compliance with the relevant data protection regulations. 

It may be necessary for us to pass on personal data in order to execute contracts or to fulfill a legal obligation. If we are not provided with the data required in this respect, it may not be possible to conclude the contract with the data subject. 

If your data is processed outside the EU/EEA, in so-called third countries (e.g. USA), we ensure that this is done in accordance with the requirements of Art. 44 et seq. GDPR. We take additional measures to ensure the highest possible level of protection for the personal data of data subjects. The guarantee applicable to the transfer to third countries is specified in our privacy policy for the respective recipients. 

Legal basis:
Legitimate interests (article 6 (1) (f) GDPR) 

Legitimate interests:
‘Small-group exemption’, centralised management and administration within the company to make use of synergy effects, cost savings, increased efficiency 

Recipient:
www.intimus.com/about-us/

Data Processing 

Recipients used may act for us as so-called processors. We have concluded so-called "order processing contracts" with them in accordance with Art. 28 para. 3 GDPR. This means that the processors may only process your personal data in a way that we have explicitly instructed them to do so. Processors take adequate technical and organizational measures to process your data securely and in accordance with our instructions. 

Storage period 

We store the data of visitors for as long as this is necessary for the provision of our services or if this has been provided for by the European legislator or another legislator in laws or regulations to which we are subject. In all other cases, we delete the personal data after the purpose has been fulfilled, with the exception of data that we must continue to store in order to fulfill legal obligations (e.g. we are obliged to retain documents such as contracts and invoices for a certain period of time due to retention periods under tax and commercial law).

Storage period for required cookies: 30 days

Storage period for cookies/technologies that are not required: After expiry of the session and upon revocation by the data subject

Automated decision-making (including profiling)

We do not use automated decision-making or profiling in accordance with Art. 22 GDPR. 

Legal bases 

The decisive legal bases primarily arise from the GDPR. They are supplemented by national laws from member states and can, if applicable, be applied alongside or in addition to the GDPR.  

Consent:
Article 6 (1) (a) GDPR serves as the legal basis for processing procedures regarding which we have sought consent for a particular purpose of processing.  

Performance of a contract:
Article 6 (1) (b) serves as the legal basis for processing required to perform a contract to which the data subject is a contractual party or for taking steps prior to entering into a contract, at the request of the data subject. 

Legal obligation:
Article 6 (1) (c) GDPR is the legal basis for processing that is required to comply with a legal obligation.  

Vital interests:
Article 6 (1) (d) GDPR serves as the legal basis if the processing is necessary to protect the vital interests of the data subject or another natural person. 

Public interest:
Article 6 (1) (e) GDPR serves as the legal basis for processing that is necessary to perform a task in the public interest or to exercise public force that is transferred to the controller. 

Legitimate interest:
Article 6 (1) (f) GDPR serves as the legal basis for processing that is necessary to protect the legitimate interests of the controller or a third party, provided this is not outweighed by the interests or fundamental rights and fundamental freedoms of the data subject that require personal data to be protected, particularly if the data subject is a child. 

Rights of the data subject 

Right of access:
Pursuant to article 15 GDPR, data subjects have the right to request confirmation as to whether we process data relating to them. They can request access to their data, along with the additional information listed in article 15 (1) GDPR and a copy of their data. 

Right to rectification:
Pursuant to article 16 GDPR, data subjects have the right to request that data relating to them, and that we process, be rectified or completed. 

Right to erasure:
Pursuant to article 17 GDPR, data subjects have the right to request that data relating to them be erased without delay. Alternatively, they can request that we restrict the processing of their data, pursuant to article 18 GDPR.  

Right to data portability:
Pursuant to article 20 GDPR, data subjects have the right to request that data made available to us by them be provided and transferred to another controller. 

Right to lodge a complaint:
In addition, data subjects have the right to lodge a complaint with the supervisory authority responsible for them, under article 77 GDPR. 

Right to object:
If personal data is processed on the basis of legitimate interests pursuant to article 6 (1) (1) (f) GDPR, under article 21 GDPR data subjects have the right to object to the processing of their personal data, provided there are reasons for this that arise from their particular situation or the objection relates to direct advertising. In the latter case, data subjects have a general right to object that is to be put into effect by us without a particular situation being stated. 

Withdrawal of consent 

Some data processing procedures can only be carried out with the express consent of the data subject. Once granted, you are able to withdraw consent at any time. To do so, sending an informal note or email to datenschutz@intimus.com is sufficient. The consent of data processing operations on our online offer can be directly adjusted in our Cookieman-Tool. The legality of the data processing carried out up to the point of withdrawal shall remain unaffected by the withdrawal. 

External links

Our website includes links to online offerings from other providers. We note that we have no influence over the content of the online offerings linked to and over whether their providers comply with data protection provisions. 

Amendments 

We reserve the right to amend this information on data protection, in compliance with the applicable data protection provisions, if changes are made to our online offering so that it complies with the legal requirements. 

This Privacy Policy was drawn up by  
DDSK GmbH 
www.ddsk.de