Data Privacy Policy

We are pleased that you have visited our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and for what purposes it is used.

This privacy policy statement applies to the internet offer of Ampack GmbH.

Who is responsible and how do I contact you?

Responsible for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR):

Ampack GmbH
Lechfeldgraben 7
86343 Königsbrunn, Germany
Mail: info@ampack-solutions.com
Phone: +49 8231 6005 0

Statutory data protection officer:

PROLIANCE GmbH
Leopoldstr. 21
80802 München
Mail: datenschutzbeauftragter@datenschutzexperte.de
www.datenschutzexperte.de

What is the purpose of this privacy policy?

This data protection declaration fulfills the legal requirements for transparency in the processing of personal data. This is all information that relates to an identified or identifiable natural person. This includes, for example, information such as your name, your age, your address, your telephone number, your date of birth, your e-mail address, your IP address or user behavior when visiting a website. Information with which we cannot (or only with disproportionate effort) relate to you personally, e.g. through anonymization, are not personal data. The processing of personal data (e.g. the collection, querying, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data will be deleted as soon as the purpose of processing has been achieved and there are no legitimate reasons for further storage of the data. We will inform you about the specific storage periods and criteria for storage in the individual processing operations. Regardless of this, we save your personal data in individual cases to assert, exercise or defend legal claims and if there are statutory retention requirements.

Who will get my data?

We only pass on your personal data, which we process on our website, to third parties if this is necessary for the fulfillment of the purposes and in individual cases is covered by the legal basis (e.g. consent or protection of legitimate interests). In addition, we pass on personal data to third parties in individual cases if this serves to assert, exercise or defend legal claims. Possible recipients can then be Law enforcement agencies, lawyers, accountants, courts, etc..

Insofar as we use service providers for the operation of our website who, as part of order processing on our behalf, provide personal data in accordance with Art. 28 GDPR, these service providers can be recipients of your personal data. You can find more information on the use of processors and web services in the overview of the individual processing operations.

What are my rights?

Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG), you as the person concerned have the following rights:

Information on the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data, according to Art. 15 GDPR, § 34 BDSG;

Correction of incorrect or incomplete data that are stored by us, according to Art. 16 GDPR;

Deletion of the data stored by us according Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

Restriction of processing according Art. 18 GDPR, insofar as the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you refuse to delete it because you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR.

Data portability according to Art. 20 GDPR, insofar as you give us personal data within the scope of a consent in accordance with. Art. 6 para. 1 lit. a GDPR or on the basis of a contract according Art. 6 para. 1 lit. b GDPR and processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transmit the data directly to another person responsible, as far as this is technically feasible.

Contradiction against the processing of your personal data according to Art. 21 GDPR, insofar as this is based on Art. 6 Paragraph 1 lit. e, f GDPR takes place and there are reasons for this that arise from your particular situation or the objection is directed against direct mail. The right to object does not exist if overriding, compelling reasons worthy of protection are proven for the processing or if the processing is carried out to assert, exercise or defend legal claims. If you do not have the right to object to individual processing operations, this is indicated there.

Revocation of your given consent with effect for the future according Art. 7 para. 3 GDPR.

Complaint according to Art. 77 GDPR at a supervisory authority if you are of the opinion that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters.

How will my data be processed in detail?

In the following, we will inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.

Provision of the website

Type and scope of processing

When you visit and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

IP adress of the requesting computer
Date and time of access
Name and URL of the file accessed
Website from which the access is made (Referrer-URL)
Browser used and, if applicable, the operating system of your computer as well as the name of your access provider

Our website is not hosted by us, but by a service provider who, for the purpose of providing the website, provides the aforementioned data on our behalf in accordance with. Art. 28 GDPR.

Purpose and legal basis

The processing is carried out to safeguard our predominant legitimate interest in displaying our website and ensuring security and stability on the basis of Art. 6 Para. Lit. f GDPR. The collection of data and storage in log files is essential for the operation of the website. There is no right to object to the processing due to the exception according to Art. 21 Paragraph 1 GDPR. Insofar as the further storage of the log files is required by law, the processing takes place on the basis of Art. 6 Para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but it is technically impossible to access our website without providing the data.

Storage period

The aforementioned data is stored for the duration of the display of the website and for technical reasons for a maximum of 7 days.

Enquiry via contact form

Description of the data processing and the purpose

If you contact us via the contact form at https://www.ampack-solutions.com/, your enquiry including all personal data resulting from it (e.g. name, email address, content of the enquiry) will be stored and processed by us in our CRM system for the purpose of processing your request.

Legal basis for data processing

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.

Receiver

When contact is made via the contact form, the data collected is transmitted to the following recipients

com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany
Salesforce, Inc., 415 Mission St., San Francisco, California, USA

Data processing in third countries

When using the service, your data may also be processed in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries, in particular in the USA. For data transfers to the USA, there is an adequacy decision of the EU Commission pursuant to Art. 45 para. 1 GDPR with regard to companies with certification under the EU-U.S. Data Privacy Framework.

Salesforce Inc. is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link: Participant Search (dataprivacyframework.gov).

Storage duration

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Contact form for applicants

Type and scope of processing

On our website we offer you to submit an application to us using a form provided. The information that is collected via mandatory fields is required to process the request. In addition, you can voluntarily provide additional information that you believe is necessary for processing the contact request.

Insofar as you have given us your separate consent that is independent of the use of the application form, we will pass your application on to the group companies affiliated with us.

Purpose and legal basis

The processing of your data based on the use of the application form takes place for the purpose of processing your application and deciding on the establishment of an employment relationship on the basis of § 26 BDSG. There is no legal or contractual obligation to provide your data, but it is not possible to process your application without providing the information in the mandatory fields. If you do not want to provide this data, please use other options for applying to us.

Storage period

We store the data collected for the duration of the application process and, in the event of non-employment, for a period of six months from the date of rejection and, in the case of employment, for a period of three years after the end of employment.

Google Fonts

Type and scope of processing

We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a service to provide fonts for our online offer. To obtain these fonts, you connect to the servers of Google Ireland Limited and your IP address will be transmitted.

Purpose and legal basis

The use of Google Fonts is based on our legitimate interests, i.e. Interest in a uniform provision and optimization of our online offer in accordance with Art. 6 Para. 1 lit. f. GDPR.

Storage period

The specific storage duration of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the data protection declaration for Google Fonts: https://policies.google.com/privacy

etracker

The provider of this website uses the services of etracker GmbH, Hamburg, Germany (www.etracker.com) to analyse usage data. We do not use cookies for web analysis by default. If we use analysis and optimisation cookies, we will obtain your explicit consent separately in advance. If this is the case and you agree, cookies are used to enable a statistical range analysis of this website, a measurement of the success of our online marketing measures and test procedures, e.g. to test and optimise different versions of our online offer or its components. Cookies are small text files that are stored by the Internet browser on the user's device. etracker cookies do not contain any information that could identify a user.

The data generated by etracker on behalf of the provider of this website is processed and stored by etracker solely in Germany by commission of the provider of this website and is thus subject to the strict German and European data protection laws and standards. In this regard, etracker was independently checked, certified and awarded with the ePrivacyseal data protection seal of approval.

The data processing is based on Art. 6 Section 1 lit f (legitimate interest) of the General Data Protection Regulation (GDPR). Our legitimate interest is the optimisation of our online offer and our website. As the privacy of our visitors is very important to us, the data that may possibly allow a reference to an individual person, such as IP address, registration or device IDs, will be anonymised or pseudonymised as soon as possible. etracker does not use the data for any other purpose, combine it with other data or pass it on to third parties.

You can object to the outlined data processing at any time by clicking on the slider. The objection has no disadvantageous consequences. If no slider is displayed, the data collection is already prevented by other blocking means.

Further information on data protection with etracker can be found here.

DATA PROTECTION INFORMATION FOR CUSTOMERS / OTHER CONTRACTUAL PARTNERS AND INTERESTED PARTIES

1. RESPONSIBLE BODY WITHIN THE MEANING OF DATA PROTECTION LAW

Ampack GmbH
Lechfeldgraben 7
86343 Königsbrunn, Germany
Email: info@ampack-solutions.com
Tel: +49 8231 6005 0

2. CONTACT DETAILS OF OUR DATA PROTECTION OFFICER

PROLIANCE GmbH
Leopoldstr. 21
80802 Munich
Email:datenschutzbeauftragter@datenschutzexperte.de
www.datenschutzexperte.de

3. PURPOSES AND LEGAL BASIS OF PROCESSING

We process your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), insofar as this is necessary for the establishment, execution and fulfillment of a contract and for the implementation of pre-contractual measures. Insofar as personal data is required for the initiation or execution of a contractual relationship or in the context of the implementation of pre-contractual measures, processing is lawful pursuant to Art. 6 para. 1 lit. b GDPR.

If you give us your express consent to process personal data for specific purposes (e.g. disclosure to third parties, evaluation for marketing purposes or advertising by e-mail), the lawfulness of this processing is given on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. Any consent given can be revoked at any time with effect for the future (see section 9 of this data protection information).

If necessary and legally permissible, we process your data beyond the actual contractual purposes to fulfill legal obligations in accordance with Art. 6 para. 1 lit. c GDPR. In addition, processing may be carried out to protect the legitimate interests of us or third parties and to defend and assert legal claims in accordance with Art. 6 para. 1 lit. f GDPR. If necessary, we will inform you separately, stating the legitimate interest, insofar as this is required by law.

4. CATEGORIES OF PERSONAL DATA

We only process data that is related to the establishment of the contract or pre-contractual measures. This may be general data about you or persons in your company (name, address, contact details, etc.) as well as any other data that you provide to us in the context of establishing the contract.

5. SOURCES OF THE DATA

We process personal data that we receive from you in the course of contacting you or establishing a contractual relationship or in the course of pre-contractual measures.

6. RECIPIENTS OF THE DATA

We only pass on your personal data within our company to those areas and persons who need this data to fulfill contractual and legal obligations or to implement our legitimate interest.

We may transfer your personal data to companies affiliated with us insofar as this is permitted within the scope of the purposes and legal bases set out in section 3 of this data protection information sheet.

Your personal data will be processed on our behalf on the basis of order processing contracts in accordance with Art. 28 GDPR. In these cases, we ensure that the processing of personal data is carried out in accordance with the provisions of the GDPR. The categories of recipients in this case are providers of internet service providers and providers of customer management systems and software.

Otherwise, data will only be passed on to recipients outside the company if this is permitted or required by law, if the transfer is necessary for processing and thus for the performance of the contract or, at your request, for the implementation of pre-contractual measures, if we have your consent or if we are authorized to provide information. Under these conditions, recipients of personal data may be, for example

External tax consultant
Public bodies and institutions (e.g. public prosecutor's office, police, supervisory authorities, tax office) if there is a legal or official obligation,

Recipients to whom the transfer is directly necessary for the establishment or fulfillment of a contract, such as financial service providers, hotels, transport service providers

7. TRANSFER TO A THIRD COUNTRY

A transfer to a third country is not intended.

A transfer of personal data to countries outside the EEA (European Economic Area) or to an international organization will only take place if this is necessary for the processing and thus for the performance of the contract or, at your request, for the implementation of pre-contractual measures, if the transfer is required by law or if you have given us your consent.

8. DURATION OF DATA STORAGE

Where necessary, we process and store your personal data for the duration of our business relationship or for the fulfillment of contractual purposes. This also includes the initiation and execution of a contract.

In addition, we are subject to various retention and documentation obligations, including those arising from the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention and documentation periods stipulated there are two to ten years.

Finally, the storage period also depends on the statutory limitation periods, which, for example, according to §§ 195 ff. of the German Civil Code (BGB), are generally three years, but in certain cases can be up to thirty years.

9. YOUR RIGHTS

Every data subject has the right of access under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR, the right to notification under Art. 19 GDPR and the right to data portability under Art. 20 GDPR.

In addition, you have the right to lodge a complaint with a data protection supervisory authority in accordance with Art. 77 GDPR if you believe that your personal data is being processed unlawfully. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

If the processing of data is based on your consent, you are entitled to withdraw your consent to the use of your personal data at any time in accordance with Art. 7 GDPR. Please note that the revocation only takes effect for the future. Processing that took place before the withdrawal is not affected. Please also note that we may have to retain certain data for a certain period of time in order to comply with legal requirements (see section 8 of this data protection information).

Right to object:

Insofar as your personal data is processed in accordance with Art. 6 para. 1 lit. f GDPR to safeguard legitimate interests, you have the right to object to the processing of this data at any time in accordance with Art. 21 GDPR for reasons arising from your particular situation. We will then no longer process this personal data unless we can demonstrate compelling legitimate grounds for the processing. These must outweigh your interests, rights and freedoms, or the processing must serve the assertion, exercise or defense of legal claims.

In individual cases, we process your personal data for direct marketing purposes. You have the right to object at any time to processing for the purpose of such advertising. This also applies to profiling insofar as it is associated with this direct advertising. If you object to processing for the purpose of direct marketing, we will no longer process your personal data for these purposes.

To exercise your rights, you can contact us using the contact details provided in section 1.

10. NECESSITY OF THE PROVISION OF PERSONAL DATA

The provision of personal data for the decision on the conclusion of a contract, the fulfillment of a contract or for the implementation of pre-contractual measures is voluntary. However, we can only make a decision within the framework of contractual measures if you provide personal data that is necessary for the conclusion of the contract, the fulfillment of the contract or pre-contractual measures.

11. AUTOMATED DECISION-MAKING

In principle, we do not use fully automated decision-making in accordance with Art. 22 GDPR to establish, fulfill or implement the business relationship or for pre-contractual measures. Should we use these procedures in individual cases, we will inform you of this separately or obtain your consent if this is required by law.

Social media profiles

We maintain profiles, appearances or pages on the following social media platforms:

Platform	Profile
Xing:	https://www.xing.com/pages/ampack-gmbh
LinkedIn:	https://www.linkedin.com/company/ampack-solutions
YouTube:	https://www.youtube.com/@AmpackGmbH
Google Business:	https://g.co/kgs/jf2TMxM

Different responsibilities and roles

Depending on how the platform operators and we as the site operator are involved in the processing of your personal data, the respective responsibility or role differs.

This means that we can either be jointly responsible with the platform operator or the platform operator is solely responsible.

Shared responsibility with platform operators

Jointly responsible

There is a joint responsibility between us and the following platform operators:

Platform	Platform operator
LinkedIn:	LinkedIn Ireland Unlimited Company, Wilton Plaza, Gardner House 4,5,6, Dublin 2, Ireland

As the site operator, we are jointly responsible with the providers of the respective platform for the processing of your personal data in connection with your visit to the presence, profile, page or fan page on the platforms if the platform operators provide aggregated information about visitors to our profiles, presences, pages or fan pages (e.g. so-called "insights" or "analytics").

In the case of joint controllership, we have concluded agreements with the platform operators in accordance with Art. 26 GDPR on joint controllership for the processing of your personal data (e.g. Page Controller Addendum or Joint Controller Addendum).

This agreement specifies the data processing operations for which we or the respective platform operator are responsible. You can view these agreements under the following links:

	Agreements on joint
LinkedIn:	https://legal.linkedin.com/pages-joint-controller-addendum

Further information on data processing by the platform operators can be found in their privacy policies:


LinkedIn:	https://www.linkedin.com/legal/privacy-policy

Contacting the data protection officers of the platform operators

You can contact the data protection officers of the platform operators here:

	Possibility of making
LinkedIn:	To contact LinkedIn's data protection officer, you can use the contact form at the link: https://www.linkedin.com/help/linkedin/ask/TSO-DPO .

Data processing under joint responsibility

Accessing and storing information in terminal equipment

When you access our profiles on the aforementioned platforms, the platform operator uses cookies and similar technologies on your end device to store data on your end device or to read data from there. This access or storage may involve further processing of personal data within the meaning of the GDPR.

In cases where such access to information or such storage of information is absolutely necessary for the technically error-free provision of the services, this is done on the basis of Section 25 (1) sentence 1, (2) no. 2 TDDDG. If necessary, connection data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR.

In cases in which such a process serves other purposes (e.g. the needs-based design of our website), this is only carried out on the basis of Section 25 (1) TDDDG with your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR. Consent can be revoked at any time for the future. The provisions of the GDPR and the Federal Data Protection Act (BDSG) apply to the processing of your personal data.

Further information on the use of cookies and similar technology and their legal basis can be found in the respective privacy policy of the platform operator. Links to the respective privacy policies can be found above. If you have any further questions, please contact the operator of the respective social media platform directly.

Data processing for advertising and market research purposes

As a rule, personal data on our social media profile is primarily processed for market research and advertising purposes of the platform operator. Insofar as the data collection also takes place directly on our social media profile, we participate in the data processing of the platform operator and are therefore jointly responsible with the platform operator in this respect

During data processing, cookies and similar technologies are used that enable the platform operator to recognise you when you visit a social media profile. For members of the social media platform, the platform operator also analyses your interactions on the platform (clicks, comments and likes) and processes the information you provide to the platform operator, such as your master data, your profile picture or name. In particular, demographic information (age, gender, country, industry, profession, etc.) from your own member profile may also be processed.

The collected data can be used to create user profiles. These are then used by the platform operator to place adverts inside and outside the platform that presumably correspond to your interests.

Although we do not have direct access to the data processed by the platform operator, we also benefit from this data processing by placing corresponding adverts within or outside the platforms based on the target groups identified by the platform operator.

The legal basis for the processing of your personal data in relation to is your consent given to the platform operator pursuant to Art. 6 para. 1 lit. a GDPR.

Please note that we have no influence on the data collection and further processing under the responsibility of the platform operator. As a result, we cannot provide any information about the extent to which, where and for how long the data is stored by the platform operator.

Further information on this can be found in the data protection information of the respective provider.

Data processing in the context of "Insights" or "Analytics"

In addition, your data will be processed jointly responsible in connection with so-called "Page Insights" or "Page Analytics".

Page Insights" or "Page Analytics" are analysis functions provided by the platform operator, by means of which the master data processed by you, in particular demographic data and the data on your interactions with our profile are collected jointly by the platform operator and us.

The platform operator then analyses this data and uses it to create summarised (so-called aggregated data) for us, from which we can see which demographic target group has visited our profile and how our profile was used by them.

In this respect, we also have no direct access to the data processed by the platform operator. This data is only made available to us by the platform operator in aggregated form. This means that we cannot recognise individual visitors or their interactions from the aggregated data.

We then use this aggregated data to tailor our social media profile to the target group and generally to optimise it in relation to the aforementioned advertising purposes (increasing the reach and awareness of our profile and evaluating the success of marketing campaigns).

The legal basis for the processing of your personal data in relation to is your consent given to the platform operator pursuant to Art. 6 para. 1 lit. a GDPR.

Further information on this can be found in the data protection information of the respective provider.

Data processing based on consent

If you are asked by the respective platform operator for consent to processing for a specific, common purpose, the legal basis for processing is Art. 6 para. 1 lit. a., Art. 7 GDPR. Any consent given can be revoked at any time with effect for the future.

Recipients and data transfer to third countries

If we pass on personal data to the operators of social media platforms, the latter are recipients of the data within the meaning of Art. 4 No. 9 GDPR.

LinkedIn Ireland Unlimited Company, Wilton Plaza, Gardner House 4,5,6, Dublin 2, Ireland

LinkedIn Corp, 1000 W. Maude Ave, Sunnyvale, CA 94085,

When you visit our social media profiles, your data may also be processed in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries, in particular in the USA.

For data transfers to the USA, there is an adequacy decision by the EU Commission pursuant to Art. 45 para. 1 GDPR with regard to companies with certification in accordance with the EU-U.S. Data Privacy Framework.

	Ensuring an adequate level of protection
LinkedIn Corp.	LinkedIn Corp. is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link: Participant Search (dataprivacyframework.gov

If your data is transferred to other third countries for which no adequacy decision exists, there is a risk that the authorities there may access your data for security and monitoring purposes without you being informed or having the right to appeal.

To ensure an adequate level of data protection when transferring your data to the third country, standard data protection clauses of the European Commission are concluded in accordance with Art. 46 para. 2 lit. c GDPR. They oblige the recipient of the data to process it in accordance with the European level of protection.

If the standard data protection clauses are not sufficient to guarantee the level of protection, additional technical, contractual or organisational measures are taken to secure the transfer of data. We also regularly review and assess whether these additional measures continue to ensure an adequate level of data protection or whether further supplementary measures may need to be taken.

Exercising your rights in the event of joint responsibility

Your rights as a data subject of data processing

If, as a visitor to the site, you would like to exercise your rights (information, correction, deletion, restriction, data portability, complaint to the supervisory authority, objection or revocation), you can contact both the platform operator and us.

Settings in the account

You can (also) restrict the visibility of your LinkedIn account to us via the LinkedIn settings.

For more information on asserting your rights, please refer to LinkedIn's privacy policy at the following link: https://www.linkedin.com/legal/privacy-policy

Responsibility of the platform operators

If your personal data is processed by one of the operators of social media platforms listed below, this processing is the responsibility of the platform operator within the meaning of Art. 7 No. 4 GDPR.

	operator
YouTube:	Google Ireland Limited, Gordon House, Barrow Street, Dublin 4,
Google Business	Google Ireland Limited, Gordon House, Barrow Street, Dublin 4,
	New Work SE, Am Strandkai 1, 20457 Hamburg

We have no influence on data processing by the platform operators. For further information, please check the privacy policy of the respective platform operator:


YouTube:	https://policies.google.com/privacy
Xing	https://privacy.xing.com/de/datenschutzerklaerung

For the assertion of your rights as a data subject, we would like to point out that these can be asserted most effectively with the respective providers. Only they have access to the data collected from you. Should you nevertheless require assistance, please feel free to contact us at any time.

Our own responsibility

We are solely responsible for the following data processing via our social media profiles.

Data processing through the operation of the social media profile

When you visit or interact with our social media profile, we process your personal data.

This may be information that you actively provide (comments, likes and information that you make publicly available, such as your profile picture or name). Depending on the provider and your settings on the provider's platform, we may also be informed about who has accessed our profile on the platform.

The legal basis for the processing of personal data when operating our social media profile is Art. 6 para. 1 sentence 1 lit. f GDPR.

The legitimate interest lies in addressing visitors for advertising purposes and in providing an effective means of communication and interaction with our company on the social media platform.

Data processing when contacting

We collect personal data ourselves if you contact us, for example, via a contact form or using a messenger function on the respective platform.

Which data is collected depends on the information you provide and the contact details you give or release. This data is stored by us for the purpose of processing your enquiry and in the event of follow-up questions.

The legal basis for the processing of the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

Your data will be deleted after final processing of your enquiry, provided that there are no statutory retention obligations to the contrary. We assume that processing is complete when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

Data processing for contract processing

If your contact via a social network or other platform is aimed at the conclusion of a contract for the delivery of goods or the provision of services with us, we process your data for the fulfilment of the contract or for the implementation of pre-contractual measures or for the provision of the desired services.

The legal basis for the processing of your data in this case is Art. 6 para. 1 sentence 1 lit. b GDPR.

Your data will be deleted if it is no longer required to fulfil the contract or if it is clear that the pre-contractual measures will not lead to the conclusion of a contract corresponding to the purpose of the contact.

Please note, however, that it may be necessary to store personal data of our contractual partners even after the conclusion of the contract in order to fulfil contractual or legal obligations.

Data processing based on consent

If you are asked by us for consent to processing for a specific purpose, the legal basis for processing is Art. 6 para. 1 lit. a., Art. 7 GDPR. Any consent given can be revoked at any time with effect for the future.