Data protection notice.

1. General

This data protection notice provides information on how, to what extent and for what purposes personal data of visitors (hereinafter ‘you’ or ‘user’) to the website are processed. The company named in section 3 (hereinafter ‘we’) is a service provider within the meaning of the Telemedia Act (TMG) and is responsible for data protection.

Data processing based on the use of this website is carried out on the basis of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the Telemedia Act (TMG). Depending on the individual case, other legal principles may also be relevant.

 

2. Definitions

a) ‘Personal data’

Personal data means any information relating to an identified or identifiable natural person. A natural person is considered to be identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

 

b) ‘Processing’

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasing or destruction.

 

3. Name and contact details of the controller

This privacy policy provides information about the processing of personal data on the law firm's website

 

Pelka und Sozien GmbH

Rechtsanwaltsgesellschaft Steuerberatungsgesellschaft

Kaiser-Wilhelm-Ring 3-5

50672 Cologne

Telephone: (0221) 546780

Fax: (0221) 544028

Email: koeln@pelkapartner.de


4. Name and contact details of the company data protection officer

The company data protection officer can be contacted as follows:

 

Tamara Printz

Pelka und Sozien GmbH

Rechtsanwaltsgesellschaft

Steuerberatungsgesellschaft

Kaiser-Wilhelm-Ring 3-5

50672 Cologne

Telephone: (0221) 546780

Fax: (0221) 544028

Email: datenschutzbeauftragter@pelkapartner.de

 

5. Collection and storage of personal data; scope and purpose of processing

a) Data storage when accessing the website

When you visit our website https://www.pelkapartner.de, the browser used on your device automatically sends information to our website's server. This information is temporarily stored by us in a so-called log file and automatically anonymised or deleted 7 days after the end of your visit to our website. The following information is collected without any action on your part and stored until it is automatically deleted:

  • IP address of the requesting computer,
  • date and time of access,
  • name and URL of the retrieved file,
  • website from which access is made (referrer URL),
  • browser used,
  • if applicable, the operating system of your computer,
  • name of the access provider you use,
  • status and amount of data transferred during your visit to our website.
  •  

We process the aforementioned data

  • to ensure a smooth connection setup of the website,
  • to ensure a comfortable use of our website,
  • to evaluate system security and stability, and
  • to facilitate and improve the administration of the website.

 

The legal basis for data processing in accordance with this data protection notice is Article 6 paragraph 1 f) GDPR. Our legitimate interest follows from the purposes of data collection listed above.

The processing is explicitly not carried out for the purpose of obtaining information about the person visiting the website.

 

When you visit our website, we use cookies and analysis services. You can find more detailed explanations of the use of cookies and analysis services in sections 7 and 10 of this data protection notice.

 

b) Data storage when subscribing to our newsletter

By subscribing to the newsletter, the visitor explicitly agrees to the processing of the personal data transmitted. A reference to this data protection notice is made. The legal basis for the processing of the visitor's personal data for the purpose of sending newsletters is consent in terms of Art. 6 (1) lit. a GDPR.

We use your email address to send you our newsletter on a regular basis.

To receive the newsletter, it is sufficient to provide an email address (mandatory field).

The user's email address is stored for as long as the newsletter subscription is active.

It is possible to unsubscribe at any time. You can unsubscribe either via a link at the end of each newsletter or at any time by sending an email to VAT-Redaktion@pelkapartner.de.

 

c) Data storage when using our contact form

(callback service)

If you have any questions, you can contact us using the form provided on the website. You need to provide a valid email address so that we know who sent the request and so that we can answer it. Further information can be provided voluntarily.

By sending the message via the contact form, the visitor consents to the processing of the personal data transmitted. Reference is made to this data protection notice. The data processing is carried out exclusively for the purpose of processing and answering enquiries via the contact form. This is done on the basis of the voluntarily granted consent in accordance with Art. 6 (1) lit. a of the GDPR. The personal data collected for the use of the contact form will be automatically deleted as soon as the request has been completed and there are no reasons for further storage (e.g. subsequent commissioning of our law firm). The user has the option at any time to withdraw his consent to the processing of personal data.

 

d) Data storage in the course of sending an email

The legal basis for the processing of the data transmitted in the course of sending an email is Art. 6 (1) lit. f GDPR. The personal data sent by email will be deleted when the respective conversation with the user has ended. The conversation is ended when it can be concluded from the circumstances that the matter in question has been finally clarified. If the user contacts us via email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. All personal data stored in the course of making contact will be deleted in this case.

 

e) Data storage in the course of a request via telephone or fax

If you contact us via telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We will not share this information without your consent. The processing of these data is based on Art. 6 (1) lit. b DSGVO, provided that your request is related to the execution of a contract or is required for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) lit. f DSGVO) or on your consent (Art. 6 (1) lit. a DSGVO), provided that this has been requested.

The data you send to us via contact requests will remain with us until you request us to delete it, withdraw your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have finished processing your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

 

6. Disclosure of data

We only disclose your personal data if

  • you have given your explicit consent in accordance with Article 6 (1) sentence 1 (a) GDPR,
  • the disclosure is required in accordance with Article 6 (1) sentence 1 (f) GDPR

 

o  for the establishment,

o  for the execution or

o  for the defence

of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data,

  • for the disclosure according to Article 6 (1) sentence 1 (c) GDPR a legal obligation exists,
  • this according to Article 6 (1) sentence 1 (b) GDPR is required for the execution of contractual relationships with you.

Note on data transfer to the USA and other third countries

Among other things, we use tools from companies based in the USA or other third countries that are vulnerable in terms of data protection. When these tools are active, your personal data may be transferred to and processed in these third countries. We would like to point out that these countries cannot guarantee a level of data protection comparable to that in the EU. For example, US companies are obliged to release personal data to security authorities without you as the data subject being able to take legal action against this. It therefore cannot be guaranteed that US authorities (e.g. secret services) will not process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence over these processing activities.

 

7. Cookies

So-called cookies are used on the website. These are data packets that are exchanged between the server of the law firm's website and the visitor's browser. These are stored by the respective devices used (PC, notebook, tablet, smartphone, etc.) when visiting the website. In this respect, cookies cannot cause any damage to the devices used. In particular, they do not contain viruses or other malware. Information is stored in the cookies that is generated in connection with the specific terminal device used. Under no circumstances can we obtain direct knowledge of the identity of the visitor to the website using cookies.

 

Cookies are usually accepted under the basic browser settings. The browser settings can be set up so that cookies are either not accepted on the devices used or so that a special message is displayed before a new cookie is created. However, it should be noted that disabling cookies may mean that not all features of the website can be used to their full potential.

 

The use of cookies serves to make the use of our website more convenient and secure. For example, we can use our own session cookies to determine whether a visitor has already visited individual pages on the website. After leaving the website, these session cookies are automatically deleted.

To improve user-friendliness, our own temporary cookies may be used. These are stored on the visitor's device for a temporary period of a maximum of 3 days. If the visitor returns to the website within this time, the system automatically recognises that the visitor has already accessed the page at an earlier point in time and which entries and settings were made so that they do not have to be repeated.

 

Cookies are also used to analyse visits to the website for statistical purposes and to improve the service. These cookies make it possible to automatically recognise that the visitor has already accessed the website when they return. These cookies are automatically deleted after a specified period.

The data processed by cookies is used for the above-mentioned purposes of protecting the legitimate interests of the law firm in accordance with Article 6 (1) sentence 1 (f) GDPR.

 

8. Your rights as a data subject

Insofar as your personal data is processed when you visit our website, you have the following rights as a ‘data subject’ within the meaning of the GDPR:

 

8.1 Information

You can request information from us about whether we process your personal data. There is no right to information if providing the requested information would violate the duty of confidentiality in accordance with Section 57 (1) and Section 62 of the Tax Advisory Act (StBerG), Section 43a of the Federal Lawyers' Act (BRAO) and Section 43 (1) sentence 1 and Section 50 of the Act on Officially Recognised Occupations and Professions (WPO) or if the information must be kept secret for other reasons, in particular due to an outweighing legitimate interest of a third party. However, there may be an obligation to provide information if, in particular, taking into account the threat of damage, your interests outweigh the interest in confidentiality. The right to information is also excluded if the data is only stored because it may not be deleted due to legal or statutory retention periods or serves exclusively for the purposes of data backup or data protection control, provided that the provision of information would require a disproportionately high effort and the processing for other purposes is excluded by suitable technical and organisational measures. Provided that the right of access is not excluded in your case and your personal data is processed by us, you can request the following information from us:

 

  • purposes of the processing,
  • categories of personal data processed by you,
  • recipients or categories of recipients to whom your personal data is disclosed, in particular recipients in third countries,
  • if possible, the planned duration for which your personal data will be stored or, if this is not possible, the criteria for determining the storage duration,
  • the existence of a right to correction or deletion or restriction of the processing of the personal data concerning you or a right of objection to this processing,
  • the existence of a right of appeal to a data protection supervisory authority,
  • if the personal data has not been collected from you as the data subject, the available information about the origin of the data,
  • if applicable, the existence of automated decision-making including profiling and meaningful information about the logic involved as well as the significance and the envisaged consequences of such automated decision-making,
  • if applicable, in the case of transmission to recipients in third countries, provided that there is no decision by the EU Commission on the adequacy of the level of protection pursuant to Art. 45 (3) GDPR, information on which appropriate safeguards pursuant to Art. 46 (2) GDPR are provided for the protection of personal data.

 

8.2 Correction and completion

If you notice that we have stored inaccurate personal data about you, you can demand that we correct this inaccurate data without unreasonable delay. If your personal data is incomplete, you can demand that it should be completed.

 

8.3 Deletion

You have the right to deletion (the ‘right to be forgotten’), provided that the processing is not required for the exercise of the right to freedom of expression, the right to information or for the fulfilment of a legal obligation or for the performance of a task that is in the public interest and one of the following reasons applies:

  • The personal data is no longer necessary for the purposes for which it was processed,
  • the only justification for the processing was your consent, which you have withdrawn,
  • you have objected to the processing of your personal data that we have made public,
  • you have objected to the processing of personal data that we have not made public and there are no overriding legitimate reasons for the processing,
  • your personal data has been processed unlawfully,
  • the deletion of personal data is necessary to fulfil a legal obligation to which we are subject.

 

There is no right to deletion if, in the case of lawful non-automated data processing, deletion is not possible or only possible with disproportionately high effort due to the special type of storage and your interest in deletion is low. In this case, the restriction of processing takes the place of deletion.

 

8.4 Restriction of processing

You have the right to obtain from us the restriction of processing where one of the following applies:

  • You dispute the accuracy of the personal data. In this case, the restriction may be requested for the period of time that enables us to verify the accuracy of the data,
  • the processing is unlawful and you request the restriction of the use of your personal data instead of deletion,
  • we no longer need your personal data for the purposes of processing, but you need it to establish, exercise or defend legal claims,
  • you have objected to processing pursuant to Article 21(1) of the GDPR. The restriction of processing can be requested until it has been established whether our legitimate reasons outweigh your reason.

Restricting the data processing means that the personal data will only be processed with your consent or for the purpose of establishing, pursuing or defending legal claims or protecting the rights of another natural or legal person or for reasons of substantial public interest. We are obliged to inform you before we withdraw the restriction.

 

8.5 Data portability

You have the right to data portability if the processing is based on your consent (Art. 6 (1) sentence 1 lit. a or Art. 9 (2) lit. a GDPR) or on a contract to which you are a party and the processing is carried out by automated means. In this case, the right to data portability includes the following rights, provided that this does not adversely affect the rights and freedoms of others:

You can request to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format. You have the right to transmit this data to another data controller without interference from us. Where technically possible, you can request that we transmit your personal data directly to another data controller.

 

8.6 Objection

If the processing is based on Article 6 (1) sentence 1 (e) GDPR (performance of a task carried out in the public interest or in the exercise of official authority) or on Article 6 (1) sentence 1 (f) GDPR (legitimate interests of the controller or a third party), you have the right to object, on reasons relating to your particular situation, at any time to the processing of personal data concerning you. This also applies to profiling based on Article 6 (1) sentence 1 (e) or (f) GDPR. After you have exercised your right of objection, we will no longer process your personal data unless we can prove compelling reasons for the processing worthy of protection that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

You can object to the processing of your personal data for direct marketing purposes at any time. This also applies to any profiling associated with such direct advertising. After you have exercised this right to object, we will no longer use the personal data concerned for direct advertising purposes.

You can notify us of your objection informally via telephone, email, fax or to our postal address listed at the beginning of this data protection notice.

 

8.7 Withdrawal of consent

You have the right to withdraw your consent at any time with effect for the future. The withdrawal of consent can be communicated informally via telephone, email, fax or to our postal address. The withdrawal of consent shall not affect the lawfulness of the data processing carried out on the basis of the consent until the withdrawal is received. After receiving the withdrawal, the data processing that was based exclusively on your consent will be terminated.

 

8.8 Complaints

If you believe that the processing of your personal data is unlawful, you can file a complaint with a data protection supervisory authority that is responsible for your place of residence or work or for the place of the alleged infringement.

 

9. Data protection for job applications and in the application process

The data controller collects and processes the personal data of applicants for the purpose of processing the application. The processing can also be carried out electronically. This is particularly the case if an applicant submits the relevant application documents to the data controller by electronic means, for example via email or via a contact form on the website. If the data controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with legal requirements. If no employment contract is concluded with the applicant by the data controller, the application documents will be automatically deleted 2 months after notification of the decision, provided that no other legitimate interests of the data controller conflict with such deletion. Another legitimate interest in this sense, for example, is a duty of proof in proceedings under the General Equal Treatment Act (GETA).

 

10. Analysis tools

Tracking tools

We are committed to ensuring that our website is designed to meet demand and is continuously optimised. On the basis of Article 6 (1) sentence 1 (f) GDPR, we therefore use the tracking measures listed below. We also use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as legitimate in the sense of the aforementioned regulation.

The respective data processing purposes and data categories can be found in the corresponding tracking tools.

 

Google Analytics

If you have given your consent, this website uses Google Analytics 4, a web analysis service provided by Google LLC. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (‘Google’).

 

Extent of processing

Google Analytics uses cookies that enable an analysis of your use of our websites. The information generated by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

 

Google Analytics 4 has activated the anonymisation of IP addresses by default. Due to IP anonymisation, your IP address will be shortened by Google within the member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and shortened there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

During your visit to our website, your user behaviour is recorded in the form of ‘events’. Events can be:

  • Page views
  • First-time visit to the website
  • Start of the session
  • Your ‘click path’, interaction with the website
  • Scrolls (whenever a user scrolls to the bottom of the page (90%))
  • Clicks on external links
  • Internal search queries
  • Interaction with videos
  • File downloads
  • Viewed/clicked ads
  • Language setting


The following is also recorded:

  • Your approximate location (region)
  • Your IP address (in abbreviated form)
  • Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
  • Your internet service provider
  • the referring URL (via which website/advertising medium you came to this website)

 

Purposes of processing

 

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your anonymous use of the website and for compiling reports on website activity. The reports provided by Google Analytics serve to analyse the performance of our website and the success of our marketing campaigns.

 

Recipients

Recipients of the data are/may be

  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor according to Art. 28 GDPR)
  • Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
  • Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

It cannot be guaranteed that US authorities will not access the data stored by Google.

 

Third country transfer

Insofar as data is processed outside the EU/EEA and there is no level of data protection that meets European standards, we have concluded EU standard contractual clauses with the service provider to ensure an adequate level of data protection. The holding company of Google Ireland, Google LLC, is based in California, USA. It cannot be guaranteed that data transmission to the USA and access to data stored by Google by US authorities can be avoided. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as you do within the EU/EEA. You may not have any legal remedies against access by authorities.

 

Storage duration

The data sent by us and linked to cookies is automatically deleted after 3 months. The deletion of data whose maximum storage duration has been reached is carried out automatically once a month.

Legal basis

The legal basis for this data processing is your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR.

 

Withdrawal

You can withdraw your consent at any time with effect for the future by accessing the cookie settings and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until the withdrawal remains unaffected.

You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may result in a reduced functionality of this and other websites. You can also prevent the collection of data generated by cookies and related to your use of the website (including your IP address) to Google and the processing of this data by Google if you

a. do not give your consent to the setting of cookies or

b. download and install the browser add-on to disable Google Analytics HERE.

 

For more information about Google Analytics' terms of use and Google's privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=de.

 

11. Plug-ins

We use social plug-ins from the social network LinkedIn on our website on the basis of Art. 6 (1) sentence 1 lit. f GDPR. This serves to make our law firm better known and the underlying promotional purpose is to be regarded as a legitimate interest within the meaning of the GDPR. The respective provider is responsible for ensuring that the service is operated in accordance with data protection regulations. We integrate these plug-ins using the so-called ‘two-click method’ to provide visitors to our website with the best possible protection.

 

Google Maps

This website uses Google Maps to display a site plan. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this website, you consent to the collection, processing and use by Google, one of its representatives, or third parties, of the data collected and entered by you. The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy retrievability of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission.

Details can be found here:

https://privacy.google.com/businesses/gdprcontrollerterms/ and

https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

You can find more information about how user data is handled in Google's privacy policy:

https://policies.google.com/privacy?hl=de.

 

12. Use of web fonts

Our website may use external fonts from Google Fonts. Google Fonts is a service provided by Google Inc. (‘Google’). These fonts are integrated by a server call, usually a Google server. This tells the server which of our websites you have visited. The IP address of the browser of the visitor's end device is also stored by Google.

The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR.

If your browser does not support web fonts, a standard font is used by your computer.

Further information about handling user data, can be found at

https://developers.google.com/fonts/faq

and in Google's privacy policy at:

https://policies.google.com/privacy?hl=de&gl=de.

 

13. Audio and video conferences

Data processing

We use online conferencing tools, among other things, to communicate with our clients. The tools we use in detail are listed below. When you communicate with us via video or audio conference over the internet, your personal data is collected and processed by us and the provider of the respective conferencing tool.

The conference tools collect all the data that you provide/use to use the tools (email address and/or your telephone number). Furthermore, the conference tools process the duration of the conference, the start and end (time) of participation in the conference, the number of participants and other ‘context information’ related to the communication process (meta data).

Moreover, the tool provider processes all technical data required for the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker, and the type of connection.

If content is exchanged, uploaded or otherwise provided within the tool, these are also stored on the servers of the tool providers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared while using the service.

Please note that we do not have full influence on the data processing operations of the tools used.

Our options are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection notices of the tools used, which we have listed below this text.

 

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 (1) lit. b GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest within the meaning of Art. 6 (1) lit. f GDPR). Insofar as consent has been requested, the use of the tools in question is based on this consent; consent may be withdrawn at any time with effect for the future.

 

Storage period

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you request us to delete it, withdraw your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected. We have no influence over the duration of storage of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

 

Conference tools used

We use the following conference tools:

 

GoToMeeting

We use GoToMeeting. The provider is LogMeIn, Inc., 320 Summer Street Boston, MA 02210, USA. For details on data processing, please refer to the GoToMeeting privacy policy:

https://www.logmeininc.com/de/legal/privacy.

Data transfer to the US is based on the standard contractual clauses of the EU Commission. Details can be found here:

https://logmeincdn.azureedge.net/legal/lmi-customer-dpa-2020v1-de.pdf.

 

Contract data processing

We have executed a contract data processing agreement with the provider mentioned above. This is an agreement that is required under data privacy protection legislation and ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

 

14. Hosting

IONOS

Our website is hosted by IONOS SE. The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany (hereinafter: IONOS). When you visit our website, IONOS collects various log files including your IP addresses. For details, please refer to the IONOS privacy policy:

https://www.ionos.de/terms-gtc/terms-privacy.

The use of IONOS is based on Art. 6 (1) lit. f DSGVO. We have a legitimate interest in making our website as reliable as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) lit. a DSGVO; consent can be withdrawn at any time.

 

Contract data processing

We have executed a contract data processing agreement with the provider mentioned above. This is an agreement that is mandatory under data privacy protection legislation and ensures that the provider processes the personal data of our website visitors only in compliance with our instructions and in compliance with the GDPR.

 

15. Data security

We would like to point out that the transfer of data via the internet is not completely secure. We therefore cannot guarantee absolute security for the transmission of information to us via the internet.

If possible, we use the common TLS (Transport Layer Security) method in connection with the highest level of encryption supported by your browser when you visit our website. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties, insofar as this is within our power. Our security measures are continuously improved in line with technological developments.

 

16. Timeliness and changes to this privacy policy

We are continuously developing our website and the services we offer. In particular, when new technologies are implemented and used, it may be necessary to amend this data protection notice. The same applies in the event of legal changes or official requirements. We therefore recommend that you not only read this data protection notice carefully now, but also from time to time.

 

This data protection notice is dated April 2025.