Privacy policy


Responsibility:

Name/company: Lebenslauf.de GmbH
Street, no.: Deisterstraße 20
Postcode, City, Country: 31785 Hameln
Commercial register no.: HRB 216 458
Management: Jannis Lindschau, Fabian Simon

Telephone number +49 5151 82 129 36
E-Mailadresse: contact@cvhero.es

You can reach our data protection officer at datenschutz@lebenslauf.de

Status: 30.01.2023

Cookies are set on this site. Here you can revise or view your consent:

The information in this privacy policy serves to clarify the purpose, scope and nature of the processing of your personal data within our entire online offering and all associated websites, including their functions and content (hereinafter collectively referred to as "website" or "online offering"). This declaration applies to all platforms and devices (e.g. mobile devices or desktop PCs) on which our online offering is used or executed, regardless of the domains or systems used. This information is provided in accordance with Art. 13 GDPR. The terms used, such as "personal data" or their "processing", are explained in the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Personal user data processed within this online offering includes, for example, personal data (such as customer names and contact data), as well as data on usage and customer entries within our online offering (e.g. details of a CV or cover letter).

The terms used, such as "user", "customer" or "service provider", are to be understood as gender-neutral. All personal user data is processed in compliance with the relevant data protection regulations. The basis for this is the existence of a legal authorisation and the consent of the user. If the data processing is necessary for the provision of our contractual services (e.g. order processing) or the online service (e.g. to ensure and comply with legal regulations), or also due to our legitimate interest (e.g. for the security of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR, analysis to optimise the security and efficiency of our operations, incl. profiling for advertising and marketing purposes, collection of reach and access data and third-party services), we will use the data within the scope of legal permission. Art. 6 para. 1 lit. a. and Art. 7 GDPR form the legal basis for the consents, Art. 6 para. 1 lit. b. GDPR serves as the legal basis for processing for the performance of contracts and services. The legal basis for the processing of data for the fulfilment of our legal obligations is Art. 6 para. 1 lit. c. GDPR, and the legal basis for the processing of data for the protection of our legitimate interests is Art. 6 para. 1 lit. f. GDPR.

Disclosure of data to third parties and third-party providers

Data is only passed on to third parties within the framework of legal requirements. It only takes place if this is necessary for the purpose/fulfilment of the contract (in accordance with Art. 6 para. 1 lit. b) GDPR), or on the basis of legitimate interests in our economic and effective business operations (in accordance with Art. 6 para. 1 lit. f. GDPR). In order to comply with legal requirements and to protect personal data, we also take appropriate legal, technical and organisational measures when using subcontractors. If third-party services, tools or other means are used and the named registered office of this provider is located in a third country, a data transfer to this country is also likely. The GDPR is an EU regulation and applies to all member states anyway. Data is only transferred to countries outside the EU or the European Economic Area with legal authorisation, user consent or an adequate level of data protection in the respective third country. We identify these third-party providers in the following sections.

Our websites and our e-mail service are hosted by our sister company Synatix GmbH (Deisterstraße 20, 31785 Hameln, Germany) and the co-location provider Hetzner Online GmbH (Industriestr. 25, 91710 Gunzenhausen, Germany) (so-called "hosters"). Personal data that is collected on our websites is stored on the servers of our hoster. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access and other data generated via a website. The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). Our hoster will only process your data to the extent necessary to fulfil its performance obligations and follow our instructions with regard to this data. In order to ensure data protection-compliant processing, we have concluded an order processing contract with our hosting service provider.

Measures for protection and security

In order to protect the data processed by us against accidental or intentional manipulation, destruction, loss or access by unauthorised persons, and to comply with the provisions of data protection laws, we take technical, organisational and contractual security precautions in accordance with the state of the art. Check whether we use https The encrypted transmission of data between our server and your browser is one of the security measures used.

Fulfilment of contractual services

In order to fulfil our contractual and service obligations, we process inventory data (e.g. name and address as well as user contact data) and data on concluded contracts (e.g. services used, information on payment and shipping) in accordance with Art. 6 para. 1 lit b. GDPR. The mandatory information required to create a user account is provided to users during the registration process. It is not possible for search engines to index user accounts as they are not public. Data from cancelled user accounts will be deleted unless storage is necessary for commercial or tax law reasons (in accordance with Art. 6 para. 1 lit. c GDPR). In the event of cancellation, users are responsible for backing up their data before the end of the contract. We are authorised to irretrievably delete all user data stored during the term of the contract. To protect against misuse or unauthorised use and to safeguard our legitimate interests, we store the IP address and time of registration, re-registration and use of our online services by the user. In principle, this data is not passed on to third parties, with the exception of the pursuit of our claims or a legal obligation pursuant to Art. 6 para. 1 lit. c GDPR. For advertising purposes, we create a user profile based on usage data (e.g. visits to our websites or specific product interests) and content data (entries in forms or details in the customer account) in order to be able to display product information and offers of interest to the user.

Contact by the user

To process user enquiries (by e-mail or contact form), the user's details are processed in accordance with Art. 6 para. 1 lit. b) GDPR.

Our enquiry organisation (customer relationship management) may store the user's details under certain circumstances.

Online presence in social media

With consent within the meaning of Art. 6 para. 1 lit. a. GDPR, we maintain online presences on social networks and platforms. We use these to communicate with customers, interested parties and users and to provide information about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of the respective operators apply. If this privacy policy does not specify any further data processing, the data of users who communicate with us or interact with our content will be processed.

Measurement of reach and use of cookies

Cookies are small files that are stored on users' data carriers. We mainly use cookies (session cookies), which are deleted from the respective storage medium at the end of the browser session. Session cookies are required, for example, to enable shopping basket functions or the storage of your entries across several pages. However, we also use cookies that remain on the user's hard drive. This makes it possible to automatically recognise the user on a return visit and the preferred entries and settings. These cookies are stored on the hard drive for a period of one month to 10 years and delete themselves after the specified time. These cookies are primarily used to make the online offering more user-friendly, secure and effective. We also inform users within this privacy policy about the use of cookies in the context of pseudonymised reach measurement. If users wish to avoid the storage of cookies, this option can be deactivated in the browser settings. Cookies that have already been saved can also be deleted there, but the exclusion of cookies can lead to functional restrictions of our online offer. You can object to the use of cookies for reach measurement and advertising purposes via the deactivation page of the network advertising initiative https://optout.networkadvertising.org , the European website https://www.youronlinechoices.com/uk/your-ad-choices and also the US website https://www.aboutads.info/choices .

Collection of access data and records (log files)

For each access to our servers, we collect corresponding data (so-called server log files), including date and time, data volume, name of the website accessed, success message about the access, the operating system including browser type and version, the previously visited website, the IP address and the provider, in our legitimate interest within the meaning of (Art. 6 para. 1 lit. f. GDPR). For security reasons, the log file information is stored for a maximum of seven days to investigate fraud or misuse and then deleted. If certain data is required for evidentiary purposes, deletion will be postponed until the incident has been finally clarified.

Deployment and use of Google Analytics

Limited use of Google Analytics

Google Analytics is a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For the optimisation, analysis and economic operation of our online offer, we use Google Analytics in our own interest within the meaning of Art. 6 para. 1 lit. f. GDPR. GDPR, we use Google Analytics, but only in a very limited form. Data is only collected in anonymised form for statistical purposes. Google itself does not set any cookies and no data is used for advertising purposes. As a rule, Google truncates the IP address of the user within the EU or the EEA (activated IP anonymisation).

Full use of Google Analytics

Furthermore, with the user's consent (Art. 6 para. 1 lit. a.), we also use the full functionality of Google Analytics. In some cases, this uses cookies to analyse information about the use of the online offering by users. Google creates reports on our behalf about the use of our online offering. For this purpose and for other services on our behalf, information about the activities of users within our website is collected. This information can also be used to create pseudonymised user profiles.

We use Google Analytics to display adverts placed by Google's advertising services (and its partners) only to those users who have certain characteristics (interest in certain topics or products, so-called remarketing). By using "remarketing audiences", we ensure that the corresponding adverts are not annoying and correspond to the potential interest of the user.

Users can prevent the collection and processing of user data by downloading and installing the browser plugin available at this link: https://tools.google.com/dlpage/gaoptout?hl=en The storage of cookies can also be prevented by settings in the respective browsers or by withdrawing consent in our Consent Manager. At the beginning of this privacy policy, you can adjust your consent by opening the Consent Manager and making the appropriate settings. Further information on setting and objection options as well as data collection by Google can be found directly at Google: https://policies.google.com/technologies/partner-sites?hl=en , https://policies.google.com/technologies/ads, you can also view and edit your ad settings here, https://myadcenter.google.com/personalizationoff?sasb=true&ref=ad-settings.

Google Signals

With the separate consent of the user within the meaning of (Art. 6 para. 1 lit. a.), we use the Google Signal services that enable Google Analytics to measure cross-device interactions with our content.

Deployment and use of Google Re/marketing services

With the consent of the user within the meaning of (Art. 6 para. 1 lit. a. GDPR), we use the marketing and remarketing services ("Google Marketing Services" for short) of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

We use Google Marketing Services to display adverts for and on our website in a more targeted manner, with the aim of presenting users primarily with adverts that are of potential interest to them. If, for example, adverts are displayed for products that the user was interested in on previous pages, this is referred to as "remarketing". On all websites (ours and others) on which Google marketing services are activated, a code from Google is executed immediately when the page is called up and so-called (re)marketing tags (invisible graphics or code, also known as "web beacons") are integrated into the website. As a result, an individual cookie (or comparable technology) is stored on the user's device. These can be set by various domains, including doubleclick.net, googlesyndication.com, admeld.com, google.com, invitemedia.com or googleadservices.com. The stored file contains data on the websites visited by the user and which offers they have shown interest in. In addition, technical information about the operating system, the browser used, the duration of the visit, referring websites and use of the online offer is stored. As a rule, Google truncates the IP address of the user within the EU or the EEA (activated IP anonymisation). The IP address is not merged with other user data. Google may also combine user information with information from other sources. Accordingly, adverts that match the user's interest profile may also appear on our online offering.

As part of the Google marketing service, all user data is processed pseudonymously. This means that neither the user's name nor e-mail address is stored. All relevant data is only stored as a user profile in relation to cookies. Adverts are therefore not person-dependent, but exclusively cookie-dependent. If the user has given Google permission, the data can also be processed without pseudonymisation.

The integration of third-party adverts takes place, for example, on the basis of Google's "DoubleClick" or "AdSense". Both programmes use cookies that enable Google and its partner websites to place advertisements based on the user's website visits.

You can deactivate interest-based advertising by Google marketing services by using the setting and opt-out options provided by Google: https://myadcenter.google.com/personalizationoff?hl=en&sasb=true&ref=ad-settings. You can adjust your consent at the beginning of this privacy policy by opening the Consent Manager and making the appropriate settings. The overview page https://www.google.com/policies/technologies/ads from Google provides you with further information on the use of data for marketing purposes. The Google privacy policy can be https://www.google.com/policies/privacy .

Google Tag Manager

In our legitimate interest within the meaning of (Art. 6 para. 1 lit. f. GDPR), we use the Google Tag Manager service to control and operate the website content. This is a tag management service that is provided on a cookie-less domain and supports us in the area of consent management as well as the integration of various third-party providers. This service is essential for the operation of the site.

Tag Manager Server

We also use Google Tag Manager Server, which enables us to combine external data communications. This service is operated on European Google Cloud servers, primarily based in Germany. This cloud server provider is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). Our hoster will only process your data to the extent necessary to fulfil its performance obligations and follow our instructions with regard to this data. Further information on data processing can be found at https://cloud.google.com/terms/data-processing-terms?hl=de

Google Customer Match

Purpose and legal basis: To improve measurement, our online conversions and optimisation of campaign control, we use the Google Customer Match Lists service on our website, an analysis service of Google Inc. (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland: "Google"). By using Google Customer Match Lists, self-collected data provided by users of the website can be processed as hash values and assigned to the corresponding Google accounts of the customer in which the user was logged in when an interaction with the advert took place. The data collected in this way helps us to address visitors more effectively, to track conversions that would otherwise not have been recorded and to optimise our offer. Name, e-mail addresses, telephone numbers, addresses and identifiers provided by the customer may be collected.

We would like to point out that it cannot be ruled out that data may be transferred to the USA. No level of data protection comparable to that in the EU can be guaranteed in the USA. For example, US companies are obliged to disclose personal data to security authorities without you as the data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. secret services) may process, analyse and permanently store your data on US servers for surveillance purposes. We have no influence on these processing activities.

The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. a in conjunction with Art. 49 para. 1 subpara. 1 lit. a GDPR (consent).

You can revoke your consent at any time with effect for the future by accessing the consent settings and changing your selection there. This does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

Further information and Google's privacy policy can be found at: https://business.safety.google/intl/de_ALL/compliance/#?modal_active=noneRecipients (categories): Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA; Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

Integration and use of Facebook marketing services

With the consent of the user within the meaning of (Art. 6 para. 1 lit. a. GDPR), we use the so-called "Facebook pixel" for our online offer, which is operated by Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are resident in the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). We use the Facebook pixel to display our adverts only to those Facebook users who have also shown an interest in our online offering, certain products or topics. We also want to use the Facebook pixel to ensure that our adverts on Facebook correspond to the potential interest of users and are not annoying. The Facebook pixel enables us to determine the effectiveness of our Facebook ads and to compile statistics on how many users visit our online offering via an advert.

When one of our websites is accessed, the Facebook pixel is automatically integrated into the page and a cookie can be stored on the user's device. If the user is logged in to Facebook during this time or logs in later, the visit to our online offering is also saved in the corresponding Facebook profile. The data collected is anonymised and does not allow us to draw any conclusions about the user's identity. However, Facebook itself stores and processes the data, which means that Facebook's own use for advertising or market research purposes is also possible through the connection to the respective Facebook profile. If it is necessary for us to synchronise the data with Facebook, it is first encrypted within the browser and only then sent by us to Facebook via a secure connection.

The scope and processing of the data are set out in Facebook's data usage policy. You can also find basic information on Facebook adverts at: https://www.facebook.com/policy.php. Further information on Facebook Pixel and how it works can be found in Facebook's help section: https://www.facebook.com/business/help/651294705016616, https://www.facebook.com/policy.php. In the context of use, personal data is transmitted to Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. There is no adequacy decision by the European Commission. Data is transferred on the basis of the EU standard contractual clauses. It is possible to object to the collection of data by the Facebook pixel and to the use of your data to display Facebook ads. To do this, visit the page set up by Facebook and follow the instructions on the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads. All settings are platform-independent, so the application works on all end devices (e.g. mobile or desktop devices). You can view and change whether the collection of your data using the Facebook pixel is activated on our website in our Consent Manager. Furthermore, you can object to the use of cookies for reach measurement and advertising purposes via the deactivation page of the network advertising initiative https://optout.networkadvertising.org, the European website https://www.youronlinechoices.com/uk/your-ad-choices and also the US website https://www.aboutads.info/choices.

Information about Firstlead GmbH / ADCELL partner programme

This website works with tracking cookies and pixels from Firstlead GmbH with the ADCELL brand (www.adcell.de) with the consent of the user within the meaning of (Art. 6 para. 1 lit. a. GDPR). As soon as the visitor clicks on an advert with the partner link, a cookie is set. Firstlead GmbH / ADCELL uses cookies in order to be able to trace the origin of orders. Firstlead GmbH / ADCELL also uses so-called tracking pixels. These allow information such as visitor traffic on the pages to be analysed. The information generated by cookies and tracking pixels about the use of this website (including the IP address) and the delivery of advertising formats is transmitted to a Firstlead GmbH / ADCELL server and stored there. Among other things, Firstlead GmbH / ADCELL can recognise that the partner link on this website has been clicked. Firstlead GmbH / ADCELL may pass this (anonymised) information on to contractual partners under certain circumstances, but data such as the IP address will not be merged with other stored data. You can view and change whether the collection of your data using the Adcell pixel is activated on our website in our Consent Manager.

Customer feedback and Trustpilot

To improve our service (the "Purpose"), we collect customer feedback, for which we work with an external company, Trustpilot A/S ("Trustpilot").

Customers may be asked to rate our service on our website. If you would like to receive a review invitation from Trustpilot by e-mail, you must agree to receive and transmit your name, e-mail address and order number to Trustpilot.

If you would like to find out more about how Trustpilot processes your data, you can view the company's privacy policy here.

Use of the e-mail dispatch and newsletter offer

If you subscribe to our company's newsletter, the data in the respective input mask will be transmitted to the controller. Registration and subscription to our newsletter are carried out in a so-called double opt-in procedure. This means that after registering with CVhero.com, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no-one can register with other people's e-mail addresses. When registering for the newsletter, the user's IP address and the date and time of registration are saved. If there is a double opt-in for the CVhero.com account, the newsletter can also be subscribed to via a single opt-in in the login area. This serves to prevent misuse of the services or the data subject's e-mail address.

The data will not be passed on to third parties. An exception is made if there is a legal obligation to pass on the data. The data is used exclusively for sending the newsletter and transactional e-mails. Subscription to the newsletter can be cancelled by the data subject at any time. Consent to the storage of personal data can also be revoked at any time. There is a corresponding link in every newsletter for this purpose. The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 lit. a) GDPR if the user has given consent. The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) UWG.

Use of Brevo

Description and purpose: We use Brevo to send newsletters and transactional e-mails. The provider is Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany. Brevo is used, among other things, to organise and analyse the sending of newsletters and transactional e-mails. The data you enter for the purpose of subscribing to the newsletter is stored on Brevo's servers in Germany. If you do not wish to be analysed by Brevo, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. For the purpose of analysis, the e-mails sent with Brevo contain a so-called tracking pixel, which connects to the Brevo servers when the e-mail is opened. This allows us to determine whether a newsletter message has been opened. We can also use Brevo to determine whether and which links in the newsletter message are clicked on. All links in the e-mail are so-called tracking links with which your clicks can be counted.

Legal basis: The legal basis for data processing is Art. 6 para. 1 lit. a) GDPR.

Recipient: The recipient of the data is Sendinblue GmbH. We have concluded an order processing contract with Brevo, in which we oblige Brevo to protect our customers' data and not to pass it on to third parties.

Transmission to third countries: Data is not transferred to third countries.

Duration: The data stored by us as part of your consent for the purpose of the newsletter will be stored by us until you unsubscribe from the newsletter and deleted from Brevo's servers after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses etc. for the member area) remain unaffected by this.

Cancellation option: You have the option of cancelling your consent to data processing at any time with effect for the future. The legality of the data processing operations that have already taken place remains unaffected by the cancellation.

Further data protection information: For more information, please refer to Brevo's data security information at: https://www.brevo.com/legal/privacypolicy/. Further information on data protection at Brevo can be found at the following link https://www.brevo.com/de/datenschutz-uebersicht/.

Integration of third-party services and content

Our online offering also includes content from third-party providers. In our legitimate interest (within the meaning of Art. 6 para. 1 lit. f. GDPR). For the content and its presentation (e.g. videos or fonts), it is necessary for the third-party providers to recognise the user's IP address. This is essential for sending the content to the browser. When selecting third-party providers, we ensure that we only use providers that only use the IP address to deliver the content. Third-party providers may also use web beacons or pixel tags to collect data for statistical and marketing purposes. This allows, for example, information about visitors to the website to be analysed. All data can be stored pseudonymised in cookies on the device used by the user. This data includes technical information on the operating system and browser as well as data on the use of the website. This data can also be combined with data from other sources. Below you will find an overview of the third-party providers integrated by us, including links to the corresponding data protection declarations. These also contain further information on objection options and opt-out options, if these are possible.

If the user uses payment services from third-party providers (e.g. PayPal, Stripe or Micropayment), the data protection information and terms and conditions of the respective third-party provider apply.

Company: PayPal (Europe) S.à r.l. et Cie, S.C.A.
Street: 22-24 Boulevard Royal
Postcode City: 2449 Luxembourg
Country: Luxembourg
Privacy Policy: https://www.paypal.com/myaccount/privacy/privacyhub

Company: micropayment GmbH
Street: Scharnweberstrasse 69
Postcode city: 12587 Berlin
Country: Germany
Privacy Policy: https://www.micropayment.de/about/privacy/?lang=en

Company: Stripe, Inc.,
Street: 510 Townsend Street
Postcode city: 94103 San Francisco, CA
Country: USA
Privacy Policy: https://stripe.com/privacy

Mouseflow

With consent within the meaning of Art. 6 para. 1 lit. a. GDPR, we work with the service Mouseflow, ApS (Flaesketorvet 68, 1711 Copenhagen V, Denmark). This allows us to create so-called heat maps and session recordings. Mouseflow enables us to track the movements of the mouse pointer on our websites. In addition to information on which windows or buttons are clicked by the user and how far the text is scrolled, technical data such as information on the operating system, browser and similar can also be collected and processed. User profiles are temporarily created for this purpose. We can also use this programme to obtain direct feedback from website visitors. In this way, direct interaction can be used to improve customer friendliness and usability. Privacy policy: https://mouseflow.com/privacy/. You can view and change your consent in our Consent Manager.

Personal rights of users

Upon request, every user can obtain information about their personal data stored by us. In addition, users have the right to have incorrect data corrected and to restrict the processing and deletion of their personal data. The right to data portability can also be asserted. A complaint can be lodged with the competent supervisory authority at any time. Any consent given by the user can be revoked at any time, with future effect only.

Data deletion

Data that is not subject to a statutory retention period will be deleted as soon as it is no longer required for its purpose. If deletion is not possible due to its legally permissible purpose or other provisions, its processing will be restricted. Blocking the data therefore prevents it from being processed for other purposes. The data is stored for 6 years in accordance with Section 257 (1) HGB (for trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting vouchers, etc.) and for 10 years in accordance with Section 147 (1) AO (for books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.). The data collected using Google Analytics is completely anonymised after 50 months. The data collected using Facebook Pixel and Adcell is stored indefinitely.

Right to object and other rights

If the user has given their consent to the processing of their personal data for one or more specific purposes, they have the right to withdraw their consent with effect for the future. In particular, the user has the right to object to the processing of personal data within the scope of legitimate interests at any time free of charge with effect for the future. An e-mail to contact@cvhero.es or to the above-mentioned postal address is sufficient for this purpose. Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this Regulation. A competent authority is, for example, the State Commissioner for Data Protection of Lower Saxony, Prinzenstraße 5, 30159 Hanover. However, the user can also choose a different one.

Obligation to provide data

The provision of the following data is mandatory (mandatory information):

The provision of the following data is mandatory for the conclusion of a contract (mandatory information)

The following data must be provided in order to use the newsletter:

All other information is not required for the conclusion of the contract and is therefore voluntary. If the mandatory information required for the conclusion of the contract is not provided, no contract will be concluded. Failure to provide the voluntary information has no influence on the conclusion of the contract.

Use of the contact form or other contact:

The provision of the following data is mandatory for processing an enquiry via the contact form (mandatory information):

All other information is not required for processing a contact enquiry and is therefore voluntary. If the mandatory information required for processing a contact enquiry is not provided, the enquiry will not be processed. Failure to provide the voluntary information has no influence on the processing of the contact enquiry. There is no obligation to provide data for the processing of any other enquiry.

Automated decision-making:

Automated decision-making, including profiling, does not take place.

Updating the privacy policy

We reserve the right to amend this privacy policy in the event of changes to the legal situation or changes to our services or data processing. However, this only applies with regard to declarations on data processing. If user consent is required or if parts of the privacy policy contain provisions of the contractual relationship with the users, changes are only possible with the consent of the users. We ask users to regularly obtain independent information about the content of the privacy policy.