Contact
Close

Just ask!

Contact

Choose your Region & Language

Global

North-America

Nordic

Australia

Contact Close

Just ask!

Contact

Privacy Statement of the Vossloh Group

PRIVACY POLICY AND COOKIE POLICY

This Privacy Notice describes the processing of Personal Data when you use our websites. It also explains the choices you have regarding your Personal Data ("Your Rights") and how you can contact us.

Please also refer to our data protection information for applicants.

A. General information

I. Who is data controller and how can I contact the data protection officer?

1. Controller

The controller responsible (within the meaning of Art. 4 No. 7 GDPR) for processing your Personal Data for the purposes described in this Privacy Policy is

Vossloh AG
Vosslohstrasse 4
D-58791 Werdohl

E-Mail: info@vossloh.com
Tel: +49 (0) 2392 52-0

If Vossloh AG processes Personal Data jointly with other Group companies, we will inform you of this in an appropriate place. In these cases, Vossloh AG acts as a joint point of contact for enquiries regarding data protection and the assertion of data subject rights. Irrespective of this, you can assert your rights against each individual controller.

Further information about our company, details of the authorised representatives and other contact options can be found in our legal notice on our website https://www.vossloh.com/de/impressum/

2. Data protection officer

If you have any questions about the processing of your Personal Data by us or about data protection in general, please contact our data protection officers.

The Data Protection Officer of Vossloh Aktiengesellschaft and the Group companies listed below is Dr Stefan Drewes, Vosslohstraße 4, D-58791 Werdohl, datenschutzbeauftragter@vossloh.com . If desired, please make sure to mark your contact enquiry as "personal/confidential".

  • Vossloh Fastening Systems GmbH
  • Vossloh Laeis GmbH
  • Vossloh RailWatch GmbH

The Data Protection Officer of Vossloh Rail Services GmbH and the following subsidiaries can be contacted at Vossloh Rail Services GmbH, c/o Datenschutzbeauftragter, Hannoversche Straße 10, D-21079 Hamburg, datenschutz.lifecyclesolutions@vossloh.com . If desired, please make sure to mark your contact request as "personal/confidential".

  • Vossloh Rail Services Deutschland GmbH
  • Vossloh Rail Services International GmbH
  • Vossloh Rail Inspection GmbH

II. Your rights as a data subject

Every data subject has the following rights

  • Right of access (Art. 15 GDPR)
  • Right to rectification of inaccurate data (Art. 16 GDPR)
  • Right to erasure or a right to be "forgotten" (Art. 17 GDPR)
  • Right to restriction of processing of Personal Data (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR).

You can object to the processing of Personal Data for advertising purposes, including the analysis of customer data for advertising purposes, at any time without giving reasons.

In addition, the data subject also has a general right to object (see Art. 21 (1 GDPR). In this case, the objection to data processing must be justified. If the data processing is based on consent, your consent can be revoked at any time with effect for the future.

To exercise your rights as a data subject, please contact the contact details listed above at A . I.

You also have the right to lodge a complaint with the data protection supervisory authority competent for you.

III. Recipients, third country transfers

In the following, we would like to inform you about the categories of recipients of Personal Data.

We may transfer Personal Data to the following third parties. Billing service providers, printing and postal service providers, insurance companies, telecommunications service providers, insurance brokers and experts for the examination and settlement of claims, authorities, insofar as a justified request has been made, credit institutions and payment service providers for the processing of payments, external accountants, auditors, tax consultants, legal advisors and auditors. The legal basis for the transfer is generally Art. 6 (1) sentence 1 lit. f GDPR (legitimate interests: increased efficiency; improvement of offers; examination, defence and enforcement of legal claims).

The processors include, in particular, IT service providers (maintenance and support), web hosters, providers of backup services, service providers for the professional disposal of data waste and other cloud service providers.

The service providers we use are bound by our instructions and are carefully selected, commissioned and regularly monitored by us. The commissions are based on agreements on commissioned processing in accordance with Art. 28 GDPR. Processing for the processor's own purposes does not take place.

If Personal Data is transferred to a third country or an international organisation, we will inform you separately about the transfer and the underlying justification standard. If an adequacy decision by the EU Commission (Art. 45 GDPR) has not established that an adequate level of data protection exists in a third country, transfers to third countries are secured with standard contractual clauses (implementing decision EU/2021/914) in accordance with Art. 46 GDPR, on the basis of your consent in accordance with Art. 49 (1) lit. a GDPR or other suitable transfer safeguards in accordance with Art. 44 et seq. GDPR are secured.

IV. Direct marketing

We have a legitimate interest (direct advertising, Recital 47 GDPR) within the meaning of Art. 6 (1) sentence 1 lit. f GDPR in sending advertising to customers (persons with whom we maintain a business relationship) by post. In particular, we may send you news about our company or Group companies, information about events and invitations to evaluate our services and products. Advertising by e-mail is limited in content to similar goods and services. In this case, the legal basis is Section 7 (3) Act against Unfair Competition based on Art. 13 (2) 2002/58/EU.

For this purpose and for sending advertising emails, we use the processor Microsoft Ireland Operations, Ltd (Ireland), which processes the data on our behalf.

We use a postal service provider to send you advertising by post.

You can object to the sending of advertising at any time by contacting the offices listed above under "Your rights" or by following the instructions at the end of an advertising e-mail. If possible, please send your e-mail from the same e-mail address that you provided when you registered so that we can identify you more easily. Unless otherwise stated, the joint controllers are Vossloh AG and the Group companies whose services are advertised.

V. Contacting us, storage of contact data in a CRM

You can contact us by e-mail, fax, telephone and via our contact forms to request a quotation or to conduct other correspondence.

In order to be able to process your enquiry, we process names, e-mail addresses, the name of your company if applicable, position and mandatory information that is absolutely necessary for the preparation of an offer. If your enquiry is also forwarded to affiliated companies for the purpose of responding, for the purpose of assigning the correct contact person for your enquiry with the response, as we pursue the legitimate interest in an efficient handling of your enquiry, Art. 6 (1) sentence 1 lit. f GDPR. The processing of your data in the context of contacting us by email, contact form or telephone is based on our legitimate interest in good customer service in accordance with Art. 6 (1) sentence 1 lit. f GDPR or in accordance with Art. 6 (1) sentence 1 lit. b GDPR, insofar as the contacts are in connection with contractual performance obligations or the implementation of pre-contractual measures.

When you use our contact form, we also process data about your location (country and city based on IP address) and data about the browser and device used. The legal basis for this is Art. 6 (1) sentence 1 lit. f GDPR (legitimate interests: safeguarding IT security).

Your enquiry and your contact details may be stored in a customer relationship management system ("CRM system") if a business relationship exists or a business relationship can be expected on the basis of previous communication. We use a system from the processor Microsoft Ireland Operations, Ltd (Ireland) to manage enquiries and contact data. The legal basis for this is Art. 6 (1) sentence 1 lit. f GDPR on the basis of our legitimate economic interests in being able to systematically and efficiently manage customer and prospective customer contact data. For verification purposes, we initially retain the Personal Data processed when processing enquiries for a period of one year from the end of the respective calendar year in which the enquiry was received. We then check whether further storage is necessary. If this is not necessary or there are no further statutory retention obligations, the data will be deleted. Unless otherwise stated, the joint controllers for the processing are Vossloh AG and the Group company responsible for the enquiry.

B. Processing when using our website

In the following, we would like to give you an overview of how we ensure the protection of your personal data when you access our website and what types of personal data we process for what purposes and to what extent.

I. Every time you visit our website

1. Technical provision of our website, log files

When you access our website, technical information is exchanged between the servers on which our career portal is operated and your end device (computer, tablet, mobile phone). The following data is transmitted by your browser and processed by our servers:

  • Date and time of access
  • IP address of the accessing computer
  • Host name of the accessing computer
  • Website from which the website was accessed
  • Websites that were accessed via the website
  • Visited page on our website
  • Amount of data transferred and access status (file transfer, file not found, etc.)
  • Message as to whether the access was successful
  • Operating system
  • Browser used, specific browser settings Operating system used

This information is technically necessary in order to deliver the website content you have requested correctly and in the correct language version and is mandatory when using the Internet. Our legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f GDPR also lie in this and in an appealing external presentation.

In accordance with our IT security concept, the log file data is stored for a period of two weeks in order to detect and analyse any attacks against our website. The legal basis for data processing is Art. 6 (1) sentence 1 f GDPR. Our legitimate interest is the protection of our information technology systems (in particular in the event of abusive attacks, so-called DDoS attacks). To operate the websites, we use the hosting provider Quality Hosting (QualityHosting AG, Uferweg 40-42, 63571 Gelnhausen, Germany) at by way of order processing.

2. Content delivery network
We use a content delivery network service on the website to optimise loading times.

When you access our site, your requests are routed via the service provider's server. The access data includes your IP address, the website(s) of our website that you have accessed, the type and version of your browser, your operating system, the referrer URL, i.e. the page from which you accessed our website, and the frequency with which you access our pages. This data is not analysed for statistical or advertising purposes.

The legal basis is our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. This lies in the secure operation of our website and increasing performance (loading speeds).

3. Google Fonts
This website uses external fonts and designs from Google Fonts, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, ("Google"). For this purpose, the end device you use retrieves the selected fonts and design files (css files) from Google and thus automatically transmits the IP address used and the website you have accessed. With this addition, the texts and fonts on the page can be displayed correctly. Legal basis for data processing: Art. 6 (1) sentence 1 f GDPR (legitimate interest: Efficient visual improvement of the website, saving loading times), if we do not request your consent. Please note that the data may be processed outside the EU/EEA. Google has submitted to the Data Privacy Framework to ensure an adequate level of protection, Art. 45 GDPR. Google is solely responsible for whether and to what extent further storage of the requests is based at Google.

Further information can be found at https://developers.google.com/fonts/faq and in Google's privacy policy https://policies.google.com/privacy?hl=en .

II. Subscription to an email newsletter
We use the so-called double opt-in procedure to subscribe to our newsletter. This means that after you have entered your email address, we will send you a confirmation email to the email address you have provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm this within 7 days, your registration will be automatically cancelled. If you confirm your wish to receive the newsletter, we will store your e-mail address until you unsubscribe from the newsletter. The storage serves the purpose of being able to send you the newsletter.

We have marked the mandatory information required to subscribe to the newsletter with an asterisk in the registration form. By providing further voluntary information, we can customise the content of the newsletter to your interests.

We measure the opening rate of the newsletter e-mails sent, i.e. how many recipients have opened individual newsletter e-mails. The newsletters contain individual, pixel-sized image files that are retrieved from a server when the newsletter is opened and can be assigned to the recipients' email addresses. We also measure the click rate, i.e. how often websites linked to in the newsletter emails are clicked on. This is done by means of individualised links, which can also be assigned to the recipients' email addresses. The information obtained in this way is assigned to individual subscriber profiles. The purpose of this processing is to analyse the reading habits of our users and to adapt content and dispatch times accordingly or to send different content according to the interests of our users. Unfortunately, it is not possible to revoke consent to performance measurement separately; in this case, the entire newsletter subscription must be cancelled.

The legal basis for the processing described up to this point is your consent, Art. 6 (1) sentence 1 lit. a GDPR. You have the right to revoke your consent to the sending of the newsletter at any time with effect for the future. Your revocation does not affect the legality of the processing of your personal data until the revocation. You can declare your cancellation by clicking on the link provided in every newsletter email or by sending a message to the contact details given in the legal notice.

Furthermore, on the basis of Art. 6 (1) sentence 1 lit. f GDPR, we store your IP addresses and the times of your registration upon registration and confirmation in order to prevent misuse of your personal data and to be able to provide proof of correct sending.

Please note that if you subscribe to the newsletter, your contact details (name, email address, company name) may be stored in a file system for managing enquiries (customer relationship management or comparable systems for organising enquiries). The legal basis for this is Art. 6 (1) sentence 1 lit. f GDPR. We have a legitimate economic interest in maintaining contacts made in the course of business transactions beyond the initial contact and using them to establish or maintain a business relationship. You can object to the processing within the CRM system at any time free of charge.

We use the processor Microsoft Ireland Operations, Ltd (Ireland) for all processing activities described in this section.

III. Notes on ensuring data security
We take technical and operational security precautions on our website to protect the personal data stored by us from access by third parties, loss or misuse and to enable secure data transfer.

We must point out that, due to the structure of the Internet, unwanted access to data by third parties can occur. It is therefore also your responsibility to protect your data against misuse through encryption or in some other way. Without appropriate protective measures, data transmitted unencrypted, even if this is based on e-mail, can be read by third parties.

IV. Links to third-party websites
Our website may contain links to third-party websites. We would like to emphasise that we are not responsible for the processing of your Personal Data on these websites within the meaning of Art. 4 No. 7 GDPR. Please refer to the privacy policies of the respective websites before disclosing any Personal Data.

V. Integration of social plugins
Our website uses social plug-ins ("plug-ins") from various social networks. The purpose of these plug-ins is to provide you with an opportunity to interact with your contacts and to easily disseminate interesting information. These plug-ins can be recognised by the respective logo on the network. We use a 2-click solution. This means that data is only transferred to the respective social network provider when you click on the corresponding logo or as a result of your consent declared via the data protection settings. Only then does your browser establish a direct connection with the servers of the respective network. The content of the plug-in is transmitted by the network directly to your browser, which integrates it into the website. If these networks are based outside the EU or the EEA, we therefore cannot rule out the possibility that your data will be transferred to a server outside the EU/EEA and processed there. We have no influence on the scope and period of use of the data that the respective network collects with the help of this plug-in and therefore inform you according to our level of knowledge.

By integrating the plug-in, the respective network receives the information that you have accessed the corresponding page of our website. If you are logged in to one of the networks, this network can assign this information to your profile. If you do not want the network to collect information about your visit to our website, you must therefore log out beforehand. However, it is generally possible that the network can assign your end device in other ways (e.g. via IP address, cookie or browser fingerprint), even though you have not registered there or are not logged in. We also have no information on the deletion of the data collected by the plug-in provider.

The plug-in provider stores the data collected about you as usage profiles and uses these for the purposes of advertising, market research and/or customising its website. Such an evaluation is based in particular (even for users who are not logged in) on the display of customised advertising and to inform other users of the social network about your activities on our website.

The legal basis for the use of the plug-ins is your consent, which you declare by clicking on the symbol or via our data protection settings. For the purpose, duration and scope of data collection and the further processing and use of your data as well as your rights in this regard and setting options for protecting your privacy, please refer to the data protection notices of the respective social networks:

  • Facebook: https://www.facebook.com/privacy/policy
  • Instagram: https://privacycenter.instagram.com/policy/
  • LinkedIn: https://www.linkedin.com/legal/privacy-policy.
  • XING https://privacy.xing.com/de/datenschutzerklaerung

VI. YouTube
On our website, we embed videos from YouTube by Google (service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

The integration improves our internet presence by introducing ourselves through short videos or explaining our business model.

We use YouTube in "extended data protection mode" to be able to show you these videos. According to YouTube, this means that data is only transmitted to the YouTube server when you actually start a video. If you are logged in to YouTube or Google, your data will be assigned directly to your account; otherwise, the data will be assigned to an advertising ID that is separate from your account.

Insofar as Google Ireland Limited transmits Personal Data to the US parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Google guarantees to maintain EU data protection standards by means of standard contractual clauses.

The legal basis is your consent in accordance with Art. 6 (1) lit. a GDPR, which can be given when you first visit the website via the data protection settings. This consent can be revoked at any time in the data protection settings by deleting the cookies on this page in your own browser.

YouTube stores cookies on your device. If you do not agree to this, you have the option of preventing the storage of cookies by changing the settings in your browser.

Detailed information on the purpose and scope of data collection and storage duration by Google can be found in the provider's privacy policy at https://policies.google.com/privacy.

VII. Vimeo
We use the Vimeo service on our website on the basis of your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR, which you can revoke at any time with effect for the future. This service processes the Personal Data listed under I1 as well as information about the video accessed, the playing time and settings you have made in the player by means of cookies. You give your consent via the data protection settings when you first visit our website. To revoke your consent, please click on "Privacy settings" in the footer. "Vimeo" is an offer from Vimeo Inc, Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. To secure your data, we have concluded standard contractual clauses with the provider Vimeo, with which the provider guarantees compliance with EU data protection standards. You can find Vimeo's privacy policy at https://vimeo.com/privacy .

VIII. Integration of Google TAG Manager

We use Google Tag Manager to integrate the services of external partners. This tool works without cookies, but nevertheless requires the


We use the Vimeo service on our website on the basis of your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR, which you can revoke at any time with effect for the future. This service processes the Personal Data listed under I1 as well as information about the video accessed, the playing time and settings you have made in the player by means of cookies. You give your consent via the data protection settings when you first visit our website. To revoke your consent, please click on "Privacy settings" in the footer. "Vimeo" is an offer from Vimeo Inc, Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. To secure your data, we have concluded standard contractual clauses with the provider Vimeo, with which the provider guarantees compliance with EU data protection standards. You can find Vimeo's privacy policy at

transmission of IP addresses to Google. This is based on measuring the use and utilisation of the Tag Manager. We have activated the anonymisation of the IP address before it is forwarded to Google. The legal basis for data processing is Art. 6 (1) sentence 1 f GDPR (legitimate interests: Increasing efficiency in the care and maintenance of our website; reducing loading times).

C. Use of cookies and comparable technologies

1. General information
Our website uses so-called cookies. Cookies are small text files that are stored on your end device and saved by your browser. The content of the files can be read by our servers or the servers of our partners, in particular in order to be able to assign your device to further information. We use both so-called temporary cookies, which are automatically deleted when you close your browser ("session cookies"), and persistent (permanent) cookies.

You can use the data protection settings to decide to what extent you want to allow cookies to be set. Alternatively, you can make changes in your browser settings. In principle, you have the choice of accepting all cookies, being informed when cookies are set or rejecting all cookies. If you decide in favour of the latter option, it is possible that you will not be able to make full use of our website.

When cookies are used, a distinction must be made between the cookies that are absolutely necessary and those for additional purposes, which are displayed in the data protection settings.

2. Strictly necessary cookies when using the website
We use cookies on our websites that are absolutely necessary for the use of our websites. These include cookies that enable us to recognise you when you visit the site during a single session. These session cookies contribute to the secure use of our website.

If we use a disclaimer (IR area), cookies are stored on your end device upon confirmation. This is read in order to avoid the repeated display and confirmation of the disclaimer. No IP address is stored by us.

3. Use of cookies with your consent, consent management (data protection settings)
Below you will find an overview of the cookies that we use with your consent given at the beginning of your use of the website. You will also find an opt-out option for each explanation of the use of cookies. These are cookies for recording the usage behaviour of our website and cookies that are used for advertising purposes.

We use the service provider Usercentrics to obtain, log, manage and receive revocations of consent. An individual user ID, language and types of consent and the time they were given are stored on the server and in the cookie on your device. In addition, the data listed at I1 is processed in order to load the service. The processing is based on a legal obligation (Art. 6 (1) sentence 1 lit. c GDPR in conjunction with § 25 German TDDDG, Art. 24, 25 GDPR, Art. 5 (3) 2002/58/EU) as well as on our legitimate interests in economically efficient consent management, Art. 6 (1) sentence 1 lit. f GDPR. Usercentrics privacy policy: https://usercentrics.com/de/datenschutzerklaerung/.

We have concluded a Data Processing Agreement with Usercentrics GmbH.

a. Use of cookies to record user behaviour (tracking, statistics)
The use of tracking cookies enables us to recognise users when they access our website again and thus assign usage processes to an internally assigned code number (pseudonym). This allows us to record and analyse repeated visits to our website. This helps us to determine which content on our website is of most interest to you. We process your data in detail for this purpose,

  • to record the number of visitors to our websites,
  • to record the respective visiting times of our website visitors and
  • to record the sequence of visits to various websites and to optimise our website.

Specifically, the following tracking cookies are used:

Tracking by Google Analytics
On this website, we use the web analysis service Google Analytics from the service provider Google Ireland Limited commissioned by us to analyse your use of the website and to compile reports on website activity. This enables us to better understand how visitors use our website so that we can make it even more intuitive. On our behalf, our service provider processes information about your visits to our website under a pseudonymised user ID, which can be assigned to your end device. The tool uses so-called "cookies" for the purpose of assigning the user ID to your end device. Cookies are text files that are stored on your computer and can be read on repeated visits. Further details on the cookies used can be found in our data protection settings [information on how to find it or direct link].

The usage information includes page views, length of stay and clicks, which are supplemented by IP address-based location data and technical information on the device, operating system and browser used.

We have activated IP anonymisation for Google Analytics. This means that your IP address is shortened and anonymised. A transfer of your IP address to the USA is not based. Data stored on the basis of the user ID is automatically deleted after 2 months.

Some of the data collected by the web analysis service is also stored and processed by our service provider in the USA. The transfer to the USA is based on the Data Privacy Framework, under which Google has been certified, https://www.dataprivacyframework.gov/list, adequacy decision EU/2023/1795, Art. 45 GDPR.

The legal basis for the processing and for the storage and reading of the cookie is your consent, Art. 6 (1) sentence 1 lit. a GDPR.

You can revoke your consent at any time with effect for the future in our data protection settings (cookie button at the bottom left of the page).

Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de

Google privacy policy: https://policies.google.com/privacy

etracker
We use the etracker analysis service from etracker GmbH (www.etracker.com). On the basis of your consent, cookies are used that enable a statistical reach analysis of this website, a performance measurement of our online marketing measures and test procedures, e.g. to test and optimise different versions of our online offer or its components. The cookies set by etracker do not contain any information that enables the direct identification of users.

By means of a data processing agreement, etracker has undertaken to process your Personal Data only on our instructions. etracker does not process data for its own purposes. etracker has been independently audited and certified in this regard and has been awarded the ePrivacyseal data protection seal of approval.

Data processing is based on Art. 6 (1) lit. f (legitimate interest) of the General Data Protection Regulation (GDPR). Our legitimate interest lies in the economically efficient optimisation of our website. As the privacy of our visitors is important to us, the data that may allow a reference to an individual person, such as the IP address, login or device identifiers, are anonymised or pseudonymised as soon as possible. No other use, merging with other data or transfer to third parties is based on this data.

You can object to the data processing described above at any time within the data protection settings. The objection has no negative consequences.

Further information on data protection at etracker: https://www.etracker.com/datenschutz/

SalesViewer
We use the SalesViewer service from SalesViewer GmbH to evaluate page views by companies for marketing and market research purposes and to optimise our offers.

Your IP address is pseudonymised using a one-way hash and compared with a SalesViewer database. If this value can be assigned to a company from the SalesViewer database, your usage behaviour on our website will be tracked. If your IP address cannot be assigned to a company, no further processing, in particular no tracking, is based on your usage behaviour. of your user behaviour. Tracking is based on the so-called browser fingerprint method without the use of cookies. Your IP address and other technical information transmitted by your browser when you access a website are assigned to pseudonymised user profiles. The tracking results (pages called up, length of stay on a page) are made available to us for analysis, stating the company name and other information about the company. Further information includes the company telephone number, company address, web address, industry, company profile and turnover.

The use of SalesViewer is based on your consent in accordance with Art. 6 (1) lit. a. GDPR.

The data stored in the context of SalesViewer will be deleted after 12 months, provided that there are no legal obligations to retain the data. Data is not transferred to a third country.

Your consent to the processing can be revoked at any time via the data protection settings in order to prevent the collection by SalesViewer within this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you must click this link again.

Further information can be found in the privacy policy for SalesViewer: https://www.salesviewer.com/datenschutz.

The contact information determined using SalesViewer can be stored in a customer relationship management system ("CRM system") if a business relationship is likely, exists or can be expected to be initiated as a result of communication. We use a CRM from the processor Microsoft Ireland Operations, Ltd (Ireland). The legal basis for this is Art. 6 (1) sentence 1 lit. f GDPR on the basis of our legitimate economic interests in being able to systematically and efficiently manage customer and prospective customer contact data.

b. Use of cookies for advertising purposes
We use cookies for marketing purposes, for example to target advertising to the interests of a website visitor. They are also used to limit the frequency of the advert and to measure the effectiveness of an advert. In this way, we record which websites and which articles have been clicked on. This allows us to collect information about usage habits in order to target interest-based advertising. We therefore use tracking and retargeting technologies on our website for advertising that is customised to your interests. Cookies are generally used for this purpose, but other technologies such as "fingerprinting" are also used in some cases. The cookies stored temporarily for this purpose enable our retargeting partners to recognise visitors to our website under a pseudonym and only show you products that are likely to be of interest to you. Fingerprinting is based on recognising your device based on your computer hardware, software, add-ons and browser settings. The information obtained is shared with third parties. In these cases, the cookies are regularly set directly by the advertising partner.

Unless otherwise stated, the processing described in this section is based on your consent in accordance with Art. 6 (1) sentence 1 lit. a, Art. 7 GDPR.

We use the data collected for statistical and advertising purposes and in particular

  • for targeted advertising, including via advertising networks in cooperation with partners
  • to measure the success and billing of advertising measures between advertising partners and us
  • to track which adverts you have already seen in order to prevent you from seeing the same adverts again and
  • to assess which parts of our website need to be optimised.

Specifically, the following cookies are set:

Use of Google Ads with conversion tracking
We use the Google Ads service. Using Google Ads from the service provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, your Personal Data is processed for the purposes of targeted online advertising, conversion measurement (success and effectiveness of online advertising measures), tracking and, based on this, target group formation for further advertising measures. This enables us to display online advertising within the Google advertising network primarily to those users who are presumed to be interested in the adverts. For example, you may be shown targeted adverts for our products and services after visiting our website.

For the purposes of conversion and performance measurement, Google provides us with information to analyse performance parameters such as ad impressions, clicks and conversions. In this way, we can analyse which buttons on our website were clicked how often and which products were viewed particularly frequently. This allows us to determine how successful the individual advertising measures are in relation to the advertising campaign data. For these purposes, user profiles are created to which you can be assigned by means of cookies stored on your end device or comparable procedures. These cookies are not intended to identify you personally. The information provided to us by Google is pseudonymised in such a way that it is generally not possible for us to identify you as a natural person. We only receive statistical analyses from Google. These analyses enable us to recognise which of the advertising measures used are particularly effective. We do not receive any further data from the use of advertising material. An allocation may be possible if a so-called conversion occurs. This is the case if you contact us after clicking on one of our adverts.

If you are registered with a Google service, Google may be able to assign the visit to your account. Please check your data protection settings within your Google user account in this regard. Google generally stores the following analysis values in user profiles:

  • Unique cookie ID
  • Number of ad impressions per placement (frequency) and information on interactions with websites (click paths, intensity of use) and technical information (in particular abbreviated IP address, browser information, operating system)
  • Information about your location
  • Last impression (relevant for post-view conversions)
  • Opt-out information (marking that the user no longer wishes to be contacted)

The legal basis for the processing, storage and reading of cookies is your consent, Art. 6 (1) sentence 1 lit. a GDPR.

Further information in Google's privacy policy at https://policies.google.com/privacy. Insofar as Google processes Personal Data in the USA at Google LLC, this is done on the basis of the Data Privacy Framework, under which Google has been certified, https://www.dataprivacyframework.gov/list, adequacy decision EU/2023/1795, Art. 45 GDPR.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website by installing a browser plug-in: https://tools.google.com/dlpage/gaoptout?hl=de If you do not wish to receive interest-based advertising, you can deactivate the use of cookies by Google for these purposes by visiting https://www.google.de/settings/ads/. Further information on data protection at Google can be found here https://www.google.com/intl/de/policies/privacy/ . Alternatively, you can also visit the website of the Network Advertising Initiative (NAI): http://www.networkadvertising.org/

Use of DoubleClick by Google
This website uses the online marketing tool DoubleClick by Google, another service provided by Google. DoubleClick uses cookies to display adverts that are relevant to users, to improve campaign performance reports or to prevent users from seeing the same adverts more than once. Google uses a cookie ID to record which adverts are shown in which browser and can thus prevent them from being shown more than once. In addition, DoubleClick can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees a DoubleClick advert and later visits the advertiser's website with the same browser and makes a purchase there. According to Google, DoubleClick cookies do not contain any personal information.

By implementing these tools, your browser automatically establishes a direct connection with the Google server. Please note that this may result in data processing outside the European Union or the European Economic Area. The transfer to the USA is based on the Data Privacy Framework, under which Google has been certified, https://www.dataprivacyframework.gov/list, adequacy decision EU/2023/1795, Art. 45 GDPR.

If you do not wish to receive interest-based advertising, you can deactivate the use of cookies by Google for these purposes by visiting https://www.google.de/settings/ads/. Further information on DoubleClick by Google can be found at: https://www.google.de/doubleclick/ and on data protection at Google in general: https://www.google.de/intl/de/policies/privacy/ . Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org/

Microsoft Ads (Bing Ads)
We use the online advertising programme "Microsoft Ads" on our website, a service of Microsoft Ireland Operations, Ltd (Ireland) Operations Ltd, One Microsoft Place, South County Business Park. Leopardstown, Dublin 18, Ireland. Microsoft Ads is an internet advertising service that enables advertisers like us to place interest-based ads in Bing search engine results and in the Microsoft Ads advertising network based on your usage behaviour. Microsoft processes information about your usage behaviour in order to create pseudonymous usage profiles. These user profiles are used to analyse your surfing behaviour and are used to display advertisements tailored to your interests. This is done by means of a cookie set by Microsoft, which is valid for 180 days. This cookie is also set via our website if you have previously agreed to this in our cookie settings. We learn the total number of users who clicked on a Bing advert and were then redirected to our conversion page, i.e. the page linked to in the advert. However, we do not receive any information with which we can personally identify individual users.

The legal basis for the processing when using Microsoft Ads is your consent, Art. 6 (1) sentence 1 lit. a), Art. 7 GDPR. Your data is processed by Microsoft in the USA. The legal basis for the transfer to the third country USA is also your consent, Art. 49 (1) lit. a GDPR.

Further information on data protection and the cookies used by Microsoft Ads can be found on the Microsoft website at https://privacy.microsoft.com/de-de/privacystatement.

LinkedIn Insights Tag
We have integrated the Insight Tag of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2 Ireland on our website. When our website is accessed, it is based on a redirect to LinkedIn. The following data may be forwarded

  • http header information (such as the IP address, information about the browser used, country-related data, e.g. language)
  • Unique cookie ID
  • Information on events on the page (such as information on page views or buttons that were clicked)
  • Time of access and duration of visit

LinkedIn can mark the end device you are using with a cookie and a unique identifier or read any existing cookie. If you are logged in to LinkedIn, this data can be used to display targeted advertising for us on the LinkedIn pages. We can also use this data to assess the success of our LinkedIn adverts. The legal basis for the storage of the cookie and the forwarding of the data to LinkedIn Ireland Unlimited Company is the consent given in accordance with Art. 6 (1) sentence 1 lit. a GDPR.

We are joint controller with LinkedIn Ireland Unlimited Company for the collection and transmission of the above data. For this reason, we have concluded a joint controllership agreement with LinkedIn in accordance with Art. 26 GDPR, which defines the responsibilities for the fulfilment of obligations under the GDPR. In view of the fact that we do not have access to the data collected about you as part of the LinkedIn Insight Tag, LinkedIn alone has direct access to the necessary information and can also immediately take any necessary measures and provide information. In this respect, we ask you to address your data subject rights regarding the processing of the Insight Tag directly to LinkedIn. Should you nevertheless require our support, we will be happy to assist you.

When using the LinkedIn Insight Tag, we cannot rule out the possibility that the data will also be processed by LinkedIn in the USA. LinkedIn is certified according to the EU-US Privacy Framework, so that the transmission is based on the existing adequacy decision of the EU Commission.

Further processing and analysis of the data collected is based on LinkedIn's own responsibility. Further information on data protection at LinkedIn in general and more detailed information on the handling of the data collected as part of the Insight Tag, such as the legal basis for LinkedIn's processing, can be found in LinkedIn's privacy policy at

https://de.linkedin.com/legal/privacy-policy?trk=content_footer-privacy-policy

You can change your advertising settings here: https://www.linkedin.com/mypreferences/d/categories/ads

Meta Pixel
We use the Meta Pixel on our website, an analysis tool provided by the Data Privacy Framework-certified company Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. The Meta Pixel enables us to analyse the use of our website and to optimise our marketing measures.

The following data is collected by the Meta Pixel:

Device and usage data (information as described in section I1 , your IP address (in anonymised form) and your activities on our website (e.g. pages visited, links clicked) are processed.

We process your data to display personalised advertising on other platforms (e.g. Facebook, Instagram), for reach measurement (measurement and optimisation of the effectiveness of our advertising campaigns) and for website optimisation (improvement of our content and user-friendliness). The use of this technology enables Meta (Facebook) to assign visitors to our website to specific groups (e.g. visitors who come from our website or according to the areas of interest we have transmitted to Meta (Facebook), so-called "Custom Audiences") for the display of specific advertisements and thus to be able to recognise them.

The user data collected is anonymous to us and therefore does not allow any conclusions to be drawn about your identity. However, Meta Platforms Ireland Limited stores and processes data via Facebook that allows conclusions to be drawn about the respective user profile. The specific storage period of the processed data cannot be influenced by us, but is determined by Meta Platforms Ireland Limited. Further information on Meta Pixel can be found at https://www.facebook.com/business/tools/meta-pixel/. Data processing by Facebook Meta is based on Facebook Meta's data usage guidelines. For this purpose, we have concluded a joint controller agreement with Facebook Meta as joint controller. Further information on data processing by Meta can be found at: https://www.facebook.com/about/privacy/.

The legal basis for the use of the Meta Pixel is your consent, which can be revoked at any time via the data protection settings, Art. 6 (1) lit. a GDPR.