Data protection
We take data protection seriously
The protection of your privacy when processing personal data is an important concern for us. When you visit our website, our web servers store the IP of your Internet service provider, the website from which you visit us, the web pages you visit on our site and the date and duration of your visit as standard. This information is absolutely necessary for the technical transmission of the web pages and secure server operation. A personalized evaluation of this data does not take place.
If you send us data via contact form, this data will be stored on our servers in the course of data backup. Your data will only be used by us to process your request. Your data will be treated strictly confidential. It will not be passed on to third parties.
Controller
Ratisbona Compliance GmbH
Trothengasse 5
93047 Regensburg
Personal data
Personal data are data about your person. This includes your name, address and email address. You do not have to disclose any personal data to visit our website. In some cases we need your name and address as well as other information to be able to offer you the requested service.
The same applies in the case that we supply you with information material on request or when we answer your inquiries. In these cases we will always point this out to you. In addition, we only store the data that you have transmitted to us automatically or voluntarily.
When you use one of our services, we usually only collect the data that is necessary to provide you with our service. We may ask you for additional information, but this is voluntary. Whenever we process personal data, we do so to provide you with our service or to pursue our commercial objectives.
Contacting
When contacting us (e.g. via contact form, email, telephone or via social media), the information of the inquiring persons is processed, if necessary in order to respond to the requests and to any requested actions. The response to the contact inquiries in the context of contractual or pre-contractual relationships is carried out to fulfill our contractual obligations or to respond to (pre)contractual inquiries and otherwise on the basis of legitimate interests in responding to the inquiries.
- Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. entries in online forms).
- Data subjects: Communication partners
- Purposes of precessing: contact requests and communication
- Legal basis: Contract performance and pre-contractual inquiries (Art. 6 para. 1 lit. b. GDPR), Legitimate interests (Art. 6 para. 1 lit. f. GDPR).
Automatically stored data
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Date and time of the request
- Name of the requested file
- Page from which the file was requested
- Access status (file transferred, file not found, etc.)
- Web browser and operating system used
- Complete IP address of the requesting computer
- Transferred data volume
This data is not merged with other data sources. The processing is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.
For reasons of technical security, in particular to defend against attempted attacks on our web server, we store this data for a short period of time. It is not possible for us to draw conclusions about individual persons on the basis of this data. After seven days at the latest, the data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a link to the individual user. The data is also processed anonymously for statistical purposes; it is not compared with other data or passed on to third parties, even in part. Only within the context of our server statistics, which we publish every two years in our activity report, is a presentation of the number of page views made.
Cookies
When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited Internet pages and servers to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.
Through the use of session cookies, the responsible party can provide the users of this website with a user-friendly service that would not be possible without the cookie setting. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest pursuant to Art. 6 (1) lit. f GDPR.
We only use personal cookies to improve our website or for marketing/advertising purposes with your consent. On your first visit, you can voluntarily agree to tracking or analysis via the cookie banner that appears. If necessary, your data will be passed on to partners or third-party providers. Only if you explicitly agree to this will these cookies be stored, the legal basis is then your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can change your settings for the use of cookies any time in the consent banner (bottom left of the screen).
Cookiebot
Our website uses the consent technology of Cookiebot to obtain your consent to the storage of certain cookies on your end to obtain your consent to the storage of certain cookies on your terminal device or to the use of certain technologies and to document this consent in accordance with data protection law. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter “Cookiebot”).
When you enter our website, a connection is established to Cookiebot’s servers in order to obtain your consent and other declarations regarding cookie use. Cookiebot then stores a cookie in your browser in order to be able to allocate the consents granted to you or their revocation. The data collected in this way will be stored until you request us to delete it, delete the Cookiebot cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.
Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
We have concluded a contract on order processing (AV) pursuant to Art. 28 GDPR with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display advertisements in the Google search engine or on third party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be played on the basis of the user data available at Google (e. g. location data and interests) can be displayed (target group targeting). We as website operator can evaluate this data quantitatively by analyzing, for example, which search terms led to the display of our ads and how many ads led to corresponding clicks.
The use of this service is based on your consent in accordance with Art. 6 Para. 1 lit. a GDPR and 25 Para. 1 TTDSG. The consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.
Google Adsense (not personalized)
This website uses Google AdSense, a service for embedding advertisements. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use Google AdSense in “non-personalized” mode. In contrast to the personalized mode, the advertisements are therefore not based on your previous user behavior and no user profile of you is created. Instead, so-called “contextual information” is used to select the advertisements. The selected ads are then based, for example, on your location, the content of the website you are on, or your current search terms. For more on the differences between personalized and non-personalized targeting with Google AdSense, see: https://support.google.com/adsense/answer/9007336.
Please note that cookies or similar recognition technologies (e.g. device fingerprinting) may also be used when using Google Adsense in non-personalized mode. According to Google, these are used to combat fraud and abuse. The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG. The consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs. You can independently adjust your advertising settings in your user account. To do so, click on the following link and log in: https://adssettings.google.com/authenticated.
You can find more information about Google’s advertising technologies here: https://policies.google.com/technologies/ads and https://www.google.de/intl/de/policies/privacy/.
Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, length of stay, operating systems used and the origin of the user. This data is assigned to the respective end device of the user. An assignment to a device ID does not take place.
Furthermore, we can use Google Analytics to record, among other things, your mouse and scroll movements and clicks. and clicks. Furthermore, Google Analytics uses various modeling approaches to supplement the collected data sets and uses machine learning technologies in the data analysis.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG. The consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.
We use Google signals. When you visit our website, Google Analytics records, among other things, your location, search history and YouTube history, as well as demographic data (visitor data). This data can be used for personalized advertising with the help of Google signals. If you have a Google account, Google Signal’s visitor data is linked to your Google account and used for personalized advertising messages. The data is also used to create anonymized statistics on the user behavior of our users.
We have concluded a contract on order processing (AV) pursuant to Art. 28 GDPR with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
This website uses the “e-commerce measurement” function of Google Analytics. With the help of e-commerce measurement, the website operator can analyze the purchasing behavior of website visitors to improve its online marketing campaigns. This involves recording information such as orders placed, average order values, shipping costs and the time from viewing to purchasing a product. This data can be summarized by Google under a transaction ID, which is assigned to the respective user or his device.
Google Tag Manager
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The Google Tag Manager is a tool that enables us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It only serves to manage and play out the tools integrated via it. However, the Google Tag Manager records your IP address, which may also be transmitted to Google’s parent company in the United States.
The use of the Google Tag Manager is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in a quick and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
Hotjar
This website uses Hotjar. The provider is Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).
Hotjar is a tool used to analyze your user behavior on this website. Hotjar allows us to record your mouse movements, scrolling movements and clicks, among other things. Hotjar can also determine how long you have remained with the mouse pointer on a certain place. From this information, Hotjar creates so-called heat maps, which can be used to determine which website areas are viewed preferentially by the website visitor.
Furthermore, we can determine how long you stayed on a page and when you left it. We can also determine at which point you abandoned your input in a contact form (so-called conversion funnels).
In addition, Hotjar can be used to obtain direct feedback from website visitors. This function serves to improve the website operator’s web offerings.
Hotjar uses technologies that enable the recognition of users for the purpose of analyzing their (e.g. cookies or the use of device fingerprinting).
The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
If you wish to deactivate the data collection by Hotjar, click on the following link and follow the instructions there: https://www.hotjar.com/policies/do-not-track/.
Please note that the deactivation of Hotjar must be done separately for each browser or end device. For more information about Hotjar and the data it collects, please see Hotjar’s privacy policy at the following link: https://www.hotjar.com/privacy.
We have concluded a contract on order processing (AV) according to Art. 28 GDPR with the provider mentioned above. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
clarity
This website uses Clarity. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA98052-6399 (USA), docs.microsoft.com/en-us/clarity (hereinafter referred to as “Clarity”).
Clarity is a tool for analyzing user behavior on this website. In doing so, Clarity in particular mouse movements and creates a graphical representation of which part of the website users website users scroll particularly frequently (heat maps). Clarity can also record sessions so that we can view page usage in the form of videos. We also receive information about general user behavior within our website.
Clarity uses technologies that enable the recognition of the user for the purpose of analyzing user user behavior (e.g. cookies or the use of device fingerprinting). Your personal data is stored on Microsoft servers (Microsoft Azure Cloud Service) in the USA.
The use of Clarity is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in effective user analysis. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Further details on Clarity’s data protection can be found here: docs.microsoft.com/en-us/clarity/faq.
We have concluded a data processing agreement (DPA) in accordance with Art. 28 GDPR with the above-mentioned provider. This is a contract prescribed by data protection law, which guarantees that the provider will only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Google Web Fonts (local hosting)
This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.
Further information on Google Web Fonts can be found at developers.google.com/fonts/faq and in Google’s privacy policy:
policies.google.com/privacy?hl=en.
Security
We have implemented technical and administrative security measures to protect your personal data against loss, destruction, manipulation and unauthorized access. All our employees and service providers working for us are bound by the applicable data protection laws.
Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security measures are subject to a continuous improvement process and our data protection statements are constantly being revised. Please make sure that you have the latest version.
Affected Rights
You have a right to information, correction, deletion or restriction of the processing of your stored data at any time, a right to object to the processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law.
Right to information
You can request information from us concerning whether and to what extent we process your data.
Right to rectification
If we process your data that is incomplete or incorrect, you can request that we rectify or complete such data at any time.
Right to erasure (Right to be forgotten)
You can request that we erase your data if we process it unlawfully or if the processing interferes disproportionately with your legitimate protection interests. Please note that there may be reasons that prevent immediate erasure, e.g. in the case of legally regulated retention obligations.
Irrespective of the exercising of your right to erasure, we will erase your data immediately and completely, unless there is a contractual or legal obligation to retain it.
Right to restriction of the processing
You may request that we restrict the processing of your data if
- you dispute the accuracy of the data, namely for a period of time that enables us to verify the accuracy of the data,
- the processing of the data is unlawful, but you refuse to have it erased and instead request a restriction on the use of the data,
- we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
- you have lodged an objection to the processing of the data.
Right to data portability
You may request us to provide you with the data you have made available to us in a structured, current and machine-readable format and to allow you to forward this data to another responsible party without our interference, provided that
- we process this data on the basis of an agreement which you have submitted and which is revocable or in order to fulfil a contract between us, and
- this processing is carried out using automated methods.
If it is technically feasible, you can ask us to transfer your data directly to another controller.
Right to object
If we process your data for legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing is for the assertion, exercise or defense of legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons.
Right of complaint
If you are of the opinion that we violate German or European data protection law when processing your data, please contact us to clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision. If you wish to assert any of the aforementioned rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.
Changes to this privacy policy
We reserve the right to change our privacy policy if necessary due to new technologies. Please make sure that you have the most current version. If fundamental changes are made to this privacy statement, we will announce them on our website.
All interested parties and visitors to our website can reach us concerning questions of data protection at the following address:
Nico Becker
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
T +49 941 2986930
F +49 941 29869316
M anfragen@projekt29.de
W www.projekt29.de
