Privacy Policy

Privacy Policy

Thank you for the interest you have shown in our website and the services we offer. We attach great importance to protecting your personal details. We would like to provide detailed information below on the data we collect when you visit our website and use our services and how we subsequently process and use these, as well as the accompanying technical and organizational measures we adopt to protect your privacy.

Please find here the privacy policy for our app: Privacy policy app

The privacy policy for the use of our social media channels on Facebook and Twitter can be found here.

I. Scope of application and regulatory foundations

(1) This Privacy Notice provides information about the nature, scope and purpose of the processing of personal data in connection with our online services and the affiliated web pages, functions and content.

(2) As regards the terms used, e. g. “personal data” or their “processing”, please refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

(3) The term “user” includes all categories of persons affected by data processing. This includes our business partners, (potential) customers, and other visitors of our websites. The terms used, such as “user”, are used in a gender-neutral manner.

(4) The term “user” includes all categories of persons affected by data processing. This includes our business partners, (potential) customers, and other visitors of our websites. The terms used, such as “user”, are used in a gender-neutral manner.

  • Inventory data (e.g. names and addresses of customers);
  • Contact data (e. g. email address, phone number);
  • Contract data (e.g. services requested or purchased products);
  • Usage data (e.g. websites of our online content that you visited, interests in our services and products);
  • Content data (e.g. text entries), as well as
  • Technical data (e.g. IP addresses, device information)

(5) The personal data of users are processed for the following purposes in particular:

  • Provision of the website, its functions and contents;
  • Provision of our contractual services;
  • Customer care;
  • Replies to contact requests and communication with users;
  • Marketing, as well as
  • Security of the website.

(6) We process users’ personal data only in compliance with the relevant data protection provisions. This means that users’ data is only processed with the consent of the data subject or on another legitimate basis regulated by law. This is particularly the case if the data processing is necessary for the fulfillment of our contractual services (e.g. for the processing of orders and requests) and our online services or is required by law, if the users have given their consent or if it is based on our legitimate interests. Legitimate interests include the analysis, optimization, security, and economic operation of our online services.

(7) We point out that the legal basis of the consents (Art. 6 para. 1 sentence 1 lit. a) and Art. 7 GDPR), the legal basis for the processing for the fulfilment of our services and implementation of contractual measures (Art. 6 para. 1 sentence 1 lit. b) GDPR), the legal basis for processing to fulfil our legal obligations (Art. 6 para. 1 sentence 1 lit. c) GDPR) and the legal basis for processing to protect our legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

II. Security measures

(1) We take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk in accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons. This is intended to protect the data we process in particular against accidental or intentional manipulation, loss, deletion or unauthorized access by third parties. The security measures also include the encrypted transmission of data between your browser and our server.

(2) In addition, we have established procedures to ensure the exercise of data subjects’ rights, the deletion of data and a response to the compromise of data.

III. Data Dissemination to Third Parties and Third-Party Suppliers

(1) Insofar as we disclose data to other persons and companies (processors or third parties) within the scope of our processing, transmit it to them or otherwise grant them access to the data, this shall only be done on the basis of legal permission. This applies, for example, if the data is transferred to third parties (Art. 6 para. 1 sentence 1 lit. b) GDPR), if this is necessary for the performance of a contract, if you have consented (Art. 6 para. 1 sentence 1 lit. a) and Art. 7 GDPR), a legal obligation provides for this (Art. 6 (1) sentence 1 lit. c) GDPR) or on the basis of our legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR), e.g. when using agents, web hosts, etc.

(2) If we process data in a third country (i.e. outside the European Union or the European Economic Area) or if this occurs in the context of the use of third-party services or the disclosure or transfer of data to third parties, this will also only take place if the special requirements of Art. 44 et seq. GDPR are fulfilled. This means that the processing is carried out, for example, on the basis of special guarantees, such as the officially recognised determination of a level of data protection corresponding to the EU or in compliance with officially recognised special contractual obligations (so-called “standard data protection clauses”).

(3) If we commission third parties with the processing of data in terms of a so-called ‘data-processing contract’, this will be on the basis of Art. 28 of the GDPR.

IV. Collection of access data and log files

(1) We collect data on every access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests within the meaning of Art. 6 (1) sentence 1 lit. f) GDPR. This data is technically necessary to display the respective website to you and to ensure stability and security. The access data includes, in particular, the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, the website previously visited and the IP address.

(2) Log file information shall be saved for a maximum of seven days for security reasons (e. g. clarification of acts of misuse or fraud) and shall be erased afterwards. Data which must be retained for longer periods for the purpose of evidence are exempted from erasure until the respective incident has been cleared up definitively.

V. Provision of contractually-agreed services

(1) We process inventory, contact, contract and content data for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 Para. 1 Sentence 1 lit b) GDPR. The entries marked as mandatory in online forms are required for the conclusion of the contract.


(2) User data may be stored in our customer relationship management system (CRM system). We use the HubSpot service of the service provider HubSpot, Inc., 25 First St., 2nd floor, Cambridge, Massachusetts 02141, USA for this purpose. Hubspot is an integrated software solution that we use to cover various aspects of our online marketing. These include: Contact Management (e.g. user segmentation & CRM), email marketing and contact forms.
We have concluded a commissioned processing agreement with the service providers in accordance with Art. 28 GDPR. In addition, in the event of data transfer to third countries subject to data protection law, suitable guarantees exist for the protection of data subjects within the meaning of Article 46 (1) GDPR through the conclusion of standard data protection clauses and including the performance of a data transfer impact assessment pursuant to Article 46 (2) (c) GDPR. In this regard, we would like to expressly point out any risks, for example the more difficult enforcement of data subject rights under data protection law.
Further information regarding data processing by HubSpot is available in the company’s data protection information.


(3) Users who make use of our software service must register and create a user account in which they can, among other things, view the licence they have booked and their invoices. If you register for our product or other offers, we will provide you with the required mandatory information as part of the registration process. As part of the further registration process, we ask you to agree to our General Terms and Conditions and to read our data protection declaration. The data collected by us in this process will be used exclusively for the provision of the product. The processing of the required mandatory data is carried out for the purpose of providing our product for the fulfilment of the contract or for the processing of pre-contractual measures in accordance with Art. 6 Para. 1 Sentence 1 lit. b) GDPR.


(4) Within the scope of the use of our functions of registration and renewed registrations as well as the use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests according to Art. 6 para. 1 sentence 1 lit. f) GDPR, as well as those of the users in protection against misuse and other unauthorised use. As a matter of principle, this data is not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so. The data is automatically deleted after 7 days.

(5) As a user, you can collaborate with several other users on one farm in our service (e.g. as a farmer with feeders, feeding advisor and veterinarian). If you add a user, we use the email address to check whether the user entered is already registered with fodjan. If the user is already registered, he or she will also receive access to your farm. If the e-mail address does not yet exist in our system, a new user will be created and notified by e-mail so that he/she/* can assign the password himself/herself. All other important information can be found here. The data we collect in this process is used exclusively for user verification. The processing of the required mandatory data is carried out for successful user invitation and administration of user rights for the processing of pre-contractual measures or for the fulfilment of the contract in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR.

(6) The registration data collected will be deleted as soon as processing is no longer necessary. This usually happens when you stop (terminate) using our offered product. However, we must observe tax and commercial retention periods. The erasure of data to provide contractually agreed services shall take place after expiry of statutory and comparable obligations. If statutory archiving obligations apply, the data shall be erased when these obligations expire (end of retention requirement acc. to commercial (6 years) or tax law (10 years)). Entries in any customer account remain there until they are deleted.

VI. Contacting us

(1) E-mail
When contacting us by e-mail, the user’s details are processed for the purpose of handling the contact request and its processing pursuant to Art. 6 (1) sentence 1 lit. b) GDPR. We delete the data accruing in this context after storage is no longer necessary or – in the case of statutory retention obligations – restrict processing.


(2) Contact form
If you contact us via our contact form, your e-mail address, your IP address and the date and time of contact are collected. This data is stored and used for the purpose of answering your request or for contacting you and the associated technical administration, as well as for prosecution in the event of misuse of our contact form.
In addition, we process the data you voluntarily provide in the free text field. This can be, for example, your master data (names, addresses), contact data (e-mail, telephone numbers) or other content data (text entries). The data is processed to answer your enquiries and to communicate with you.
We process your data for the fulfilment of the contract or for the execution of pre-contractual measures according to Art. 6 para. 1 sentence 1 lit. b) GDPR, or due to our legitimate interest according to
Art. 6 para. 1 sentence 1 lit. f) GDPR to respond to your enquiry.
Your data will be deleted once we have completed processing your enquiry, provided that there are no statutory retention obligations to the contrary.


(3) Making an appointment
When you make an appointment, you are given the opportunity to register for a meeting with one of our employees by selecting the meeting metadata (date, time, duration). We will provide you with the required mandatory information as part of the registration process. Basically, we collect your first name, your last name and your e-mail address. In addition, you have the option to voluntarily provide us with further data such as your telephone number or to voluntarily enter further information in a free text field regarding the meeting occasion, your business activity (agricultural business, feed trade, consulting, stable technology, etc.), your product interest or other content data (text entries).
The data will be stored and used for the purpose of answering your request and conducting the meeting with our employee. We process your data for the fulfilment of the contract or for the execution of pre-contractual measures according to Art. 6 para. 1 sentence 1 lit. b) GDPR, or due to our legitimate interest according to Art. 6 para. 1 sentence 1 lit. f) GDPR to answer your request.
We use the HubSpot service of the service provider HubSpot, Inc., 25 First St., 2nd floor, Cambridge, Massachusetts 02141, USA to send the invitation by e-mail. We have concluded an order processing agreement with the service provider in accordance with Art. 28 GDPR. In addition, in the event of data transfer to third countries subject to data protection law, suitable guarantees exist for the protection of data subjects within the meaning of Art. 46 (1) GDPR through the conclusion of standard data protection clauses and including the performance of a data transfer impact assessment pursuant to Art. 46 (2) (c) GDPR. In this regard, we would like to expressly point out any risks, for example the more difficult enforcement of data subject rights under data protection law. For further information regarding data processing by HubSpot, please refer to the company’s data protection information.
We process and store your data as long as it is necessary for the fulfilment of the purposes, in particular contractual and legal obligations. If the data is no longer required for the fulfilment of the purposes, it is regularly deleted, unless its further processing for a limited period is necessary (intervention of legal retention periods).

VII. Comments

In the login area of our software service, certain users (e.g. consultants, vets) with access to the business of a user can leave corresponding comments. In this case, also the name of the commenting user is listed, but not published, since the comment is only intended for the specific user. When collecting log file information, also the IP address of the commenting user will be stored for 7 days; see section 4 of this privacy policy.

VIII. Newsletter

(1) On our website you have the possibility to register for our topic-related newsletters and mailings. To register, it is sufficient to enter your e-mail address. In order to enable a personal address, we ask you to enter your first and/or last name. The personal data that will also be transmitted to us can be seen from the input mask used for this purpose. If the contents are specifically described in the context of a registration, they are decisive for the user’s consent. By subscribing to our newsletter, you agree to receive it and to the procedures described.


(2) The newsletter and e-mails are sent on the basis of your consent in accordance with Art. 6 Para. 1 Sentence 1 lit. a) GDPR (possibly in conjunction with § 7 Para. 2 No. 3 Unfair Competition Act – German: UWG) or, if consent is not required, on the basis of our legitimate interests in direct marketing in accordance with Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
lit. f) GDPR in conjunction with. § 7 para. 3 of the German Unfair Competition Act (UWG), if and to the extent that this is permitted by law, e.g. in the case of advertising to existing customers.


(3) We use the HubSpot service of the service provider HubSpot, Inc., 25 First St., 2nd floor, Cambridge, Massachusetts 02141, USA to send e-mails. We have concluded an order processing agreement with the service provider in accordance with Art. 28 GDPR. In addition, in the event of data transfer to third countries subject to data protection law, suitable guarantees exist for the protection of data subjects within the meaning of Art. 46 (1) GDPR through the conclusion of standard data protection clauses and including the performance of a data transfer impact assessment pursuant to Art. 46 (2) (c) GDPR. In this regard, we would like to expressly point out any risks, for example the more difficult enforcement of data subject rights under data protection law. Further information regarding data processing by HubSpot is available in the company’s data protection information.


(4)

Registration for our newsletter only takes place after prior registration via form. This means that after registration you will receive an e-mail in which you will be informed of your registration and, if you have not registered yourself, you will also find a link to reject the registration. Please therefore also check your spam folder after registering, should our message have been placed there by your provider. Registrations for the newsletter are stored in order to be able to prove the registration process in accordance with legal requirements. This includes the storage of the registration and confirmation time as well as the e-mail address and, if applicable, the name and self-entered information in the form.

The registration process is recorded on the basis of our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR. The registration procedure is recorded for the purpose of proving that it has been carried out properly

(5) You can revoke your consent to receiving our newsletter or emails at any time with future effect by confirming the unsubscribe link at the end of each email.

(6) Based on our legitimate interests, we can save the e-mail addresses we have withdrawn for up to three years before we delete them in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for cancellation is possible at any time, provided that the previous consent is confirmed. In the event of obligations to permanently observe contradictions, we reserve the right to save the email address for this purpose only in a blacklist.

IX. Newsletters and email tracking

(1) Our newsletters and mailings contain a so-called “web beacon”, that means a pixel-sized file that is retrieved when the email is opened by the server of our shipping service provider. As part of this retrieval, technical information such as information about the browser and Your system, as well as your IP address and the time of access.

(2) ) This information is used for the technical improvement of our newsletter and our mailing based on the technical data or the target groups and their reading behavior based on their location (which can be determined using the IP address) or the access times. This analysis also includes determining whether the emails are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual recipients. However, it is neither our aim nor, if used, that of the shipping service provider to observe individual users. The evaluations rather serve us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

(3) For the analysis, we use the HubSpot service of the service provider HubSpot, Inc., 25 First St., 2nd floor, Cambridge, Massachusetts 02141. We have concluded an agreement on commissioned processing with the service provider in accordance with Art. 28 GDPR. In addition, in the event of data transfer to third countries subject to data protection law, suitable guarantees exist for the protection of data subjects within the meaning of Art. 46 (1) GDPR through the conclusion of standard data protection clauses and including the performance of a data transfer impact assessment pursuant to Art. 46 (2) (c) GDPR. In this regard, we would like to expressly point out any risks, for example the more difficult enforcement of data subject rights under data protection law. Further information regarding data processing by HubSpot can be found in the company’s data protection information.


(4) The evaluation of the newsletter and the measurement of its success are carried out, subject to the express consent of the users within the meaning of Article 6 (1) sentence 1 a) of the Data Protection Regulation, on the basis of our legitimate interests pursuant to Article 6 (1) sentence 1 f) of the Data Protection Regulation for the purpose of using a user-friendly and secure newsletter system that both serves our business interests and meets the expectations of the users.

(5) A separate revocation of the success measurement is unfortunately not possible, in this case the entire subscription to the newsletter must be canceled or objected to.

X. Cookies

Click here to update the cookie settings:

Cookies

(1) We use cookie technology for our website. Cookies are small text files that are stored on your end device, as assigned accordingly by the browser that you use, which allow the entity that places the cookie (in this case, us) to then receive certain information. Cookies cannot run programs or transmit viruses to your computer. Their purpose is to make the overall web offering more user-friendly and effective.

(2) We use transient and persistent cookies. Transient cookies are automatically erased when you close your browser. These include, in particular, session cookies. These store what is referred to as the “session ID”, by which various requests from your browser can be assigned to the shared session. This will allow your end device to be recognised if you return to our website. Session cookies will be erased as soon as you close your browser. Persistent cookies are stored by your end device between browser sessions so that your interest or actions can be saved across the use of several websites. Persistent cookies are deleted automatically after a set period. We do not utilise our own persistent cookies; this is handled by our technology partners to measure coverage and for marketing purposes and the users will be given information on this separately in this privacy policy.

(3) You can erase the cookies in the security settings of your browser at any time. Furthermore, you can configure your browser setting according to your requirements and can, for example, decline the acceptance of third party cookies or any cookies at all. Please note that in this case, you may not be able to use all of the functions of our website.

(4) You can object to the use of cookies for coverage measurement and marketing purposes via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/) and also the US web page (http://www.aboutads.info/choices) or the European web page (http://www.youronlinechoices.com/uk/your-ad-choices/).

XI. Google Analytics

(1) On the basis of your consent pursuant to Art. 6 para. 1 sentence 1 lit. a) GDPR and with regard to the setting of cookies pursuant to § 25 para. 1 of the German Teleservices Data Protection Act (“TTDSG”) in conjunction with Art. 4 No. 11, Art. 7 GDPR we use Google Analytics, a web analytics service provided by Google Ireland Limited (“Google”). For this purpose, an order processing contract has been concluded with Google in accordance with Art. 28 GDPR. In addition, in the event of data transfer to the parent company Google LLC – based in the USA – suitable guarantees exist for the protection of data subjects within the meaning of Article 46 (1) GDPR through the conclusion of standard data protection clauses in accordance with Article 46 (2) (c) GDPR. Your declaration of consent also expressly includes the possible global transfer and processing of data by other group companies of Google LLC. In this regard, we would like to expressly point out any risks, for example, the more difficult enforcement of data subject rights under data protection law.

(2) Google Analytics uses cookies or comparable technologies to process usage data (e.g. visited websites, access times) and communication data (e.g. IP addresses, device information) on our behalf in order to evaluate the use of our online service, compile reports on activities within our online service and provide other services associated with the use of our online service. It is also possible to create pseudonymous user profiles.

(3) Google Analytics is used exclusively by means of IP anonymisation. All processed personal data is deleted or completely anonymised after 14 months. We have concluded an agreement with Google for order processing in accordance with Art. 28 GDPR. Further information on the use of data by Google, setting and objection options, can be found in the Google data protection declaration and in the settings for the display of advertising by Google.

(4) We use Google Analytics in order to display the advertisements placed within the advertising services of Google and its partners only to those users who have also shown an interest in our online offer or who exhibit certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) which we transmit to Google (so-called “remarketing” or “Google Analytics Audiences”). With the help of remarketing audiences, we also want to ensure that our advertisements correspond to the potential interest of the users and are not annoying.

XII. Google-Re/Marketing-Services

(1) We use the marketing and remarketing services of Google Ireland Limited (“Google”) on the basis of your consent pursuant to Art. 6 para. 1 sentence 1 lit a.) GDPR as well as with regard to the setting of cookies pursuant to § 25 para. 1 of the German Teleservices Data Protection Act (“TTDSG”) in conjunction with Art. 4 No. 11, Art. 7 of the GDPR the marketing and remarketing services (in short “Google marketing services”) of Google Ireland Limited (“Google”). For this purpose, an order processing contract has been concluded with Google in accordance with Art. 28 GDPR. In addition, in the event of data transfer to the parent company Google LLC – based in the USA – suitable guarantees exist for the protection of data subjects within the meaning of Article 46 (1) GDPR through the conclusion of standard data protection clauses in accordance with Article 46 (2) (c) GDPR. Your declaration of consent also expressly includes the possible global transfer and processing of data by other group companies of Google LLC. In this regard, we would like to expressly point out any risks, for example, the more difficult enforcement of data subject rights under data protection law.

(2) The Google Marketing Services allow us to display ads for and on our website in a more targeted manner to present only ads to users which potentially correspond to their interests. If e. g. ads are displayed for products in which a user has shown interest on other webpages, this is called “remarketing”. For this purpose, a Google code is executed directly by Google when our web pages and other web pages on which Google Marketing Services are active are accessed and so-called (re)marketing tags (invisible graphics or code, also referred to as “web beacons”) are embedded. With the help of these tags, an individual cookie, i.e. a small file, is saved on the user’s device (instead of cookies other comparable technologies may also be used). Cookies can be set by various domains including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. The web pages visited by the user, the content they are interested in, the offers they clicked on as well as technical information on browser and operating system, referring web sites, duration of the visit and other information regarding the usage of the online services are stored in this file. In addition, the user’s IP address is recorded. In this regard, we inform you within the scope of Google Analytics that the IP address is abbreviated in EU member states or other states in the European Economic Area and is only transmitted as a whole to a Google server in the USA and abbreviated there in exceptional cases. The IP address will not be matched with data of the user within other services provided by Google. Google may connect the above information to corresponding information from other sources. If the user subsequently visits other web pages, ads which are adjusted to their interests can be displayed.

(3) The data of the users will be processed pseudonymously within the scope of Google Marketing Services. This means that Google saves and processes e. g. not the user’s name or email address, but the relevant data based on cookies in pseudonymous user profiles. This means that from Google’s point of view, the ads are not managed and displayed for an actually identified person but for cookie owners independent of the identity of the cookie owner. This does not apply if a user has expressly allowed Google to process data without pseudonymisation. The information which Google Marketing Services has collected on the user are transmitted to Google and saved on Google servers in the USA.

(4) Google Marketing Services we use include the online advertising program “Google Ads” and others. In case of Google Ads, each Ads customer receives a different “conversion cookie”. Cookies can therefore not be tracked via the websites of Ads customers. The information which was obtained with the help of the cookie is used to create conversion statistics for AdWords customers who opted for conversion tracking. Ads customers receive information on the total number of users who clicked on their advertisement and were referred to a page with a conversion tracking tag. They do not, however, receive any information which can be used for the personal identification of users.

(5) Further information on data use for marketing purposes by Google can be found on the overview page: https://policies.google.com/technologies/ads. For more information on Google’s use of data, settings and opt-out options, please refer to Google’s privacy policy. If you wish to object to interest-based advertising by Google marketing services, you can use the settings and opt-out options provided by Google, see https://adssettings.google.com/authenticated.

XIII. Reach analysis with Matomo

(1) In order to optimise our fodjan online access more with regard to the needs of the users, we analyse the usage behaviour of the visitors on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR and with regard to the setting of cookies in accordance with § 25 para. 1 of the German Data Protection Act (TTDSG) in conjunction with Art. 4 no. 11, Art. 7 GDPR with the data-saving web analysis service Matomo. The cookies are only set on our web platform.


(2) Matomo uses cookies to analyse the usage behaviour of visitors to our fodjan web access. For evaluation purposes, the usage information generated by the cookie (including your anonymised IP address) is transmitted to our server and stored for the purpose of later evaluation and optimisation of our web portal content. Even before your IP address is transmitted to our server, your IP address is anonymised by deleting the last two number blocks, so that you as a user remain completely anonymous to us. The information on how our visitors use our web portal will of course not be passed on to third parties, unless we are obliged to do so by law in exceptional cases – e.g. on the basis of a court order.


(3) Users can object to the anonymised data collection by the Matomo programme at any time with future effect by clicking on the link below. In this case, a so-called opt-out cookie is stored in their browser, which means that Matomo no longer collects any session data. However, if users delete their cookies, the opt-out cookie will also be deleted and must therefore be reactivated by the users.

Klicken Sie auf den unteren Button, um den Inhalt von matomo.fodjan.de zu laden.

Inhalt laden

XIV. Use of social media plug-ins

(1) We currently have the following social media presences linked on our website: Facebook and Twitter. We have no influence on whether the operators of other websites comply with data protection regulations. Please note that if you click on a link from another website, you will be subject to different data protection regulations.


(2) For further information on the purpose and scope of data collection and its processing by the social media provider, please refer to the data protection declarations of these providers communicated below. There you will also receive further information on your rights in this regard and setting options for protecting your privacy.

XV. Embedding YouTube Videos

(1) Within our website, we use the Youtube embedding function with your consent to display and play Youtube videos. The processing of your personal data associated with the integration is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. Your declaration of consent also expressly includes the possible worldwide transmission and processing of data by other group companies of Google LLC. In this regard, we would like to expressly point out any risks, for example, the more difficult enforcement of data protection rights. By concluding standard data protection clauses in accordance with Article 46 (2) (c) of the GDPR, suitable guarantees exist for the protection of data subjects within the meaning of Article 46 (1) of the GDPR in the event of data being transferred to the parent company Google LLC, which is based in the USA.


(2) We use the extended data protection mode, which, according to the provider, only triggers the storage of user information when the video is played. At the moment the playback of the embedded video is started, your IP address is transmitted to Youtube. Furthermore, a cookie is set to collect information about your user behaviour. According to information from Youtube, this information is used, among other things, to collect video statistics, to improve user-friendliness and to prevent abusive behaviour.


(3) Further information on data protection at YouTube can be found in the provider’s data protection declaration at: https://www.google.de/intl/de/policies/privacy/; Opt-out option: https://adssettings.google.com/authenticated.

XVI. Blogs and publication media

We operate a blog or comparable means of online communication and publication (hereinafter “publication medium”) via our website. Readers’ data is processed for the purposes of the publication medium only insofar as it is necessary for its presentation or for reasons of security.

XVII. Google Tag Manager

Google Tag Manager is a tool with which we can manage so-called website tags and thus integrate e.g. Google Analytics and other Google marketing services into our online offer. The Tag Manager itself does not create user profiles or store cookies. Google only learns the user’s IP address, which is necessary to run the Google Tag Manager.  The service is provided by Google Ireland Limited (“Google”). Further information can be found at https://tagmanager.google.com/. For more information on Google’s use of data, setting and objection options, please refer to Google’s privacy policy. We would like to point out that if the service provider supports this, we will work towards the conclusion of commissioned processing agreements in accordance with Art. 28 GDPR and standard contractual clauses in accordance with Art. 46 para. 2 lit. c) GDPR.

XVIII. Google Fonts 

We use Google Fonts, a service of Google Ireland Limited (“Google”), for the uniform display of fonts in different browsers of our website visitors and for the technically secure, maintenance-free and efficient use of fonts, as well as taking into account possible restrictions under licensing law for their integration. The legal basis is our legitimate interest according to Art. 6 para. 1 sentence 1 lit. f) GDPR.

The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for fonts are made separately from all other Google services. According to Google, it only restricts itself to providing fonts and only evaluates the visitors’ data in aggregated form. This means that the sum of all data is only used to create statistics (e.g. which font is used how often). For this purpose, usage data (e.g. interest in content) as well as meta and communication data (e.g. device information and IP addresses) are processed, aggregated according to Google.

For more information on Google’s use of data, setting and objection options, please refer to Google’s privacy policy. Further information can be found at https://fonts.google.com/.

XIX. Rights of the users

Persons concerned may at any time request information about the personal data concerning them and, if necessary, request rectification or deletion or restriction of processing, or object to processing. There is also a right to data portability in their favour. Furthermore, if the data processing is carried out on the basis of consent, this can be revoked at any time for the future. To exercise your rights, please contact our data protection officer, RA Alexander Weidenhammer, Dresdner Institut für Datenschutz at datenschutz[at]fodjan.de (further contact details at www.dids.de). In addition, pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if it is suspected that the processing of personal data is unlawful.

XX. Erasure of data

(1) The data we have saved will be erased as soon as they are no longer required for their purpose and the erasure does not conflict with any statutory retention obligations. If the data of the users are not erased, since they are required for other purposes which are permitted by law, their processing will be restricted. This means that the data will be blocked and not processed for any other purposes. This applies e. g. to data which has to be preserved due to commercial law or tax law.

(2) In accordance with legal requirements, data are stored for 6 years pursuant to section 257 clause 1 Commercial Code (e.g. commercial and business correspondence) and for 10 years pursuant to section 147 clause 1 Fiscal Code (e.g. account books and booking confirmations).

XXI. Right to Object

Users can object to the future processing of their personal data according to the legal requirements at any time. The right to object applies, in particular, to the processing for direct marketing purposes.

XXII. Changes to the Privacy Policy

We kindly request the user to refer to the content of our privacy policy on a regular basis. We will modify the privacy policy whenever this is required due to changes in our data processing methods or amended legal requirements. We will inform you if we need your cooperation (e.g. consent) to implement the modifications or if any other individual notification becomes necessary.