Privacy Policy
We are delighted that you have shown interest in our company. Protecting your personal data is of the utmost importance to the management of Purusha Space.
As a general rule, you may use our website without providing any personal data. However, if you wish to make use of specific services offered through our website, the processing of personal data may become necessary. Where the processing of personal data is required and there is no legal basis for such processing, we will generally obtain the data subject's consent before processing their personal data.
The processing of personal data, such as a data subject's name, address, email address, or telephone number, is always carried out in accordance with the General Data Protection Regulation (GDPR) and the applicable national data protection laws governing Purusha Space.
Through this Privacy Policy, we aim to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. In addition, this Privacy Policy explains the rights to which data subjects are entitled.
As the controller responsible for data processing, Purusha Space has implemented numerous technical and organizational measures to ensure the most comprehensive protection possible of the personal data processed through this website.
Nevertheless, internet-based data transmissions may inherently contain security vulnerabilities. Therefore, absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.
1. Definitions
This Privacy Policy of Purusha Space is based on the terminology used by the European legislator in adopting the General Data Protection Regulation (GDPR). Our Privacy Policy is intended to be clear, transparent, and easy to understand for the public, as well as for our customers and business partners. To ensure this, we would first like to explain the terminology used throughout this Privacy Policy.
In this Privacy Policy, we use, among others, the following terms:
a) Personal Data
Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
b) Data Subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller.
c) Processing
Processing means any operation or set of operations performed on personal data, whether or not by automated means. This includes, but is not limited to, the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of personal data.
d) Restriction of Processing
Restriction of processing means the marking of stored personal data with the aim of limiting its processing in the future.
e) Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person. In particular, it is used to analyse or predict aspects concerning that person's work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location, or movements.
f) Pseudonymisation
Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data is not attributed to an identified or identifiable natural person.
g) Controller
The controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for by Union or Member State law.
h) Processor
A processor is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
i) Recipient
A recipient is a natural or legal person, public authority, agency, or other body to whom personal data is disclosed, whether or not they are a third party. However, public authorities that may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
j) Third Party
A third party is any natural or legal person, public authority, agency, or other body other than the data subject, the controller, the processor, and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
k) Consent
Consent means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify their agreement to the processing of personal data relating to them.
2. Name and Contact Details of the Controller
The controller within the meaning of the General Data Protection Regulation (GDPR), other data protection laws applicable in the Member States of the European Union, and other provisions relating to data protection is:
Purusha Space
Am Goldberg 48
94152 Neuhaus am Inn
Germany
Tel.: +49 173 947 0459
E-Mail: purusha.space@gmail.com
Website: www.purusha-space.com
3. Cookies
The Purusha Space website uses cookies. Cookies are text files that are stored on a computer system through an internet browser.
Many websites and servers use cookies. Numerous cookies contain a so-called Cookie ID. A Cookie ID is a unique identifier assigned to a cookie. It consists of a string of characters that enables websites and servers to associate the cookie with the specific internet browser in which it was stored. This allows visited websites and servers to distinguish the individual browser of the data subject from other internet browsers that contain different cookies. A particular internet browser can therefore be recognised and identified by means of its unique Cookie ID.
By using cookies, Purusha Space is able to provide users of this website with more user-friendly services that would not be possible without the use of cookies.
Information and services provided on our website can be optimised for the benefit of the user through the use of cookies. As mentioned above, cookies enable us to recognise users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, a user visiting a website that uses cookies does not have to re-enter their login credentials each time they visit, as this information is stored by the website and the cookie placed on the user's computer system. Another example is the cookie used for a shopping cart in an online store. The online store remembers the items a customer has placed in their virtual shopping cart by means of a cookie.
The data subject may, at any time, prevent the setting of cookies by our website by adjusting the settings of the internet browser they use and may thus permanently object to the use of cookies. Furthermore, cookies that have already been set can be deleted at any time using an internet browser or other software programs. This is possible in all common internet browsers. If the data subject disables the use of cookies in the internet browser they use, not all functions of our website may be fully available.
4. Collection of General Data and Information
The Purusha Space website collects a range of general data and information each time it is accessed by a data subject or an automated system. This general data and information is stored in the server log files. The following data may be collected:
1. the browser types and versions used,
2. the operating system used by the accessing system,
3. the website from which an accessing system reaches our website (so-called referrer),
4. the subpages accessed on our website through an accessing system,
5. the date and time of access to the website,
6. an Internet Protocol address (IP address),
7. the Internet service provider of the accessing system, and
8. other similar data and information used for security purposes in the event of attacks on our information technology systems.
When using this general data and information, Purusha Space does not draw any conclusions about the identity of the data subject. Instead, this information is required to:
1. correctly deliver the content of our website,
2. optimise the content of our website and its advertising,
3. ensure the long-term functionality of our information technology systems and the technical infrastructure of our website, and
4. provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyberattack.
Therefore, this anonymously collected data and information is evaluated by Purusha Space for statistical purposes and with the aim of improving data protection and data security within our organisation, ultimately ensuring an optimal level of protection for the personal data we process. The anonymous data contained in the server log files is stored separately from any personal data provided by a data subject.
5. Routine Erasure and Restriction of Personal Data
The controller processes and stores the personal data of the data subject only for as long as is necessary to achieve the purpose for which the data was collected or where this is required by European directives and regulations or by other laws and regulations to which the controller is subject.
If the purpose for storing the data no longer applies, or if a statutory retention period prescribed by European directives and regulations or any other applicable legislator expires, the personal data will be routinely restricted or erased in accordance with the applicable legal requirements.
6. Rights of the Data Subject
a) Right to Confirmation
Every data subject has the right, granted by the European legislator, to obtain confirmation from the controller as to whether personal data concerning them is being processed.
If a data subject wishes to exercise this right of confirmation, they may contact the controller at any time.
b) Right of Access
Every data subject has the right, granted by the European legislator, to obtain from the controller, at any time and free of charge, information about the personal data stored concerning them, as well as a copy of that information.
Furthermore, the European legislator has granted the data subject the right to obtain the following information:
° the purposes of the processing,
° the categories of personal data being processed,
° the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organisations,
° where possible, the intended period for which the personal data will be stored or, if this is not possible, the criteria used to determine that period,
° the existence of the right to request the rectification or erasure of personal data concerning them, or the restriction of processing by the controller, or to object to such processing,
° the existence of the right to lodge a complaint with a supervisory authority,
° where the personal data has not been collected from the data subject, any available information as to its source,
° the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
Furthermore, the data subject has the right to obtain information as to whether personal data has been transferred to a third country or to an international organisation. Where this is the case, the data subject also has the right to be informed of the appropriate safeguards relating to such transfer.
If a data subject wishes to exercise this right of access, they may contact the controller at any time.
c) Right to Rectification
Every data subject has the right, granted by the European legislator, to obtain from the controller the rectification of inaccurate personal data concerning them without undue delay.
Taking into account the purposes of the processing, the data subject also has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
If a data subject wishes to exercise this right to rectification, they may contact the controller at any time.
d) Right to Erasure ("Right to Be Forgotten")
Every data subject has the right, granted by the European legislator, to obtain from the controller the erasure of personal data concerning them without undue delay, provided that one of the following grounds applies and the processing is not required:
° the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
° the data subject withdraws their consent on which the processing is based according to Article 6(1)(a) or Article 9(2)(a) of the GDPR, and there is no other legal basis for the processing;
° the data subject objects to the processing pursuant to Article 21(1) of the GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR;
° the personal data has been processed unlawfully;
° the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject;
° the personal data was collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
If any of the above grounds apply and a data subject wishes to request the erasure of personal data stored by Purusha Space, they may contact the controller at any time. The request for erasure will be processed without undue delay.
Where Purusha Space has made personal data public and is obliged pursuant to Article 17(1) of the GDPR to erase that personal data, Purusha Space shall, taking into account available technology and the cost of implementation, take reasonable measures, including technical measures where appropriate, to inform other controllers processing the published personal data that the data subject has requested the erasure of any links to, or copies or replications of, that personal data, unless the processing is required. Purusha Space will take the necessary steps in each individual case.
e) Right to Restriction of Processing
Every data subject has the right, granted by the European legislator, to obtain from the controller the restriction of processing where one of the following conditions applies:
° the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
° the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of its use instead;
° the controller no longer needs the personal data for the purposes of the processing, but the data subject requires it for the establishment, exercise, or defence of legal claims;
° the data subject has objected to processing pursuant to Article 21(1) of the GDPR, pending the verification of whether the legitimate grounds of the controller override those of the data subject.
If any of the above conditions apply and a data subject wishes to request the restriction of personal data stored by Purusha Space, they may contact the controller at any time. The request for restriction of processing will be handled without undue delay.
f) Right to Data Portability
Every data subject has the right, granted by the European legislator, to receive the personal data concerning them that they have provided to a controller in a structured, commonly used, and machine-readable format. They also have the right to transmit those data to another controller without hindrance from the controller to whom the personal data was provided, provided that the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a) of the GDPR, or on a contract pursuant to Article 6(1)(b) of the GDPR, and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, when exercising their right to data portability pursuant to Article 20(1) of the GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible, provided that doing so does not adversely affect the rights and freedoms of others.
If a data subject wishes to exercise their right to data portability, they may contact the controller at any time.
g) Right to Object
Every data subject has the right, granted by the European legislator, to object, on grounds relating to their particular situation, at any time to the processing of personal data concerning them where such processing is based on Article 6(1)(e) or (f) of the GDPR. This also applies to profiling based on those provisions.
Where the data subject objects, Purusha Space will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or where the processing is necessary for the establishment, exercise, or defence of legal claims.
Where Purusha Space processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning them for such marketing. This also applies to profiling to the extent that it is related to such direct marketing. If the data subject objects to the processing of their personal data for direct marketing purposes, Purusha Space will no longer process the personal data for those purposes.
Furthermore, the data subject has the right, on grounds relating to their particular situation, to object to the processing of personal data concerning them where such processing is carried out by Purusha Space for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out in the public interest.
If a data subject wishes to exercise their right to object, they may contact the controller at any time. In addition, in the context of the use of information society services, the data subject may exercise their right to object by automated means using technical specifications, notwithstanding Directive 2002/58/EC.
h) Right Not to Be Subject to Automated Decision-Making, Including Profiling
Every data subject has the right, granted by the European legislator, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them, unless the decision:
is necessary for entering into, or the performance of, a contract between the data subject and the controller;
is authorised by Union or Member State law to which the controller is subject, and such law provides appropriate measures to safeguard the rights, freedoms, and legitimate interests of the data subject; or
is based on the data subject's explicit consent.
Where the decision is necessary for entering into, or the performance of, a contract between the data subject and the controller, or is based on the data subject's explicit consent, Purusha Space shall implement appropriate measures to safeguard the rights, freedoms, and legitimate interests of the data subject. These measures include, at a minimum, the right to obtain human intervention on the part of the controller, to express their point of view, and to contest the decision.
If a data subject wishes to exercise their rights relating to automated decision-making, they may contact the controller at any time.
i) Right to Withdraw Data Protection Consent
Every data subject has the right, granted by the European legislator, to withdraw their consent to the processing of personal data at any time.
If a data subject wishes to exercise their right to withdraw consent, they may contact the controller at any time.
7. Data Protection Provisions Regarding the Use of Facebook
The controller has integrated components of Facebook into this website. Facebook is a social networking service.
A social network is an online community that enables users to communicate and interact with one another in a virtual environment. It serves as a platform for exchanging opinions and experiences and allows users to share personal or business-related information. Among other features, Facebook enables users to create personal profiles, upload photographs, and connect with other users through friend requests.
Facebook is operated by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. Further information about Facebook and its data processing practices can be found in Meta's Privacy Policy.
Each time a page of this website containing a Facebook component (Facebook Plug-in) is accessed, the internet browser on the data subject's information technology system is automatically prompted by the respective Facebook component to download a display of that Facebook component from Facebook.
An overview of all Facebook Plug-ins is available at:
https://developers.facebook.com/docs/plugins/
As part of this technical process, Facebook receives information about which specific subpage of our website has been visited by the data subject.
If the data subject is logged into Facebook at the same time, Facebook recognises each visit to our website and records which specific subpage is visited during the entire duration of the visit. This information is collected through the Facebook component and associated with the respective Facebook account of the data subject.
If the data subject clicks one of the Facebook buttons integrated into our website, such as the "Like" button, or submits a comment, Facebook associates this information with the personal Facebook user account of the data subject and stores the corresponding personal data.
Facebook receives information that the data subject has visited our website whenever the data subject is logged into Facebook while accessing our website, regardless of whether the Facebook component is actively clicked. If the data subject does not wish such information to be transmitted to Facebook, they can prevent this by logging out of their Facebook account before accessing our website.
Meta's Privacy Policy, available at:
https://www.facebook.com/privacy/policy/
provides further information about the collection, processing, and use of personal data by Facebook. It also explains the privacy settings available to users for protecting their personal data. In addition, various applications are available that allow users to prevent the transmission of data to Facebook. Such applications may be used by the data subject to suppress the transmission of data to Facebook.
8. Data Protection Provisions Regarding the Use of Google Analytics (with Anonymisation Function)
The controller has integrated the Google Analytics component (with anonymisation function) into this website. Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data relating to the behaviour of visitors to websites. Among other things, a web analytics service collects data about the website from which a data subject has accessed a website (so-called referrers), which subpages of the website were visited, and how often and for how long a subpage was viewed. Web analytics is primarily used to optimise a website and to perform cost-benefit analyses of online advertising.
The operating company of the Google Analytics component is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.
The controller uses the addition "_gat._anonymizeIp" for web analytics via Google Analytics. By means of this addition, Google truncates and anonymises the IP address of the data subject's internet connection if access to our website originates from a Member State of the European Union or from another Contracting State to the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyse visitor traffic on our website. Google uses the data and information collected, among other things, to evaluate the use of our website, to compile online reports for us showing the activities on our website, and to provide other services related to the use of our website.
Google Analytics places a cookie on the data subject's information technology system. The nature of cookies has already been explained above. By setting the cookie, Google is enabled to analyse the use of our website. With each visit to one of the individual pages of this website on which a Google Analytics component has been integrated, the internet browser on the data subject's information technology system is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis.
As part of this technical process, Google obtains knowledge of personal data, such as the IP address of the data subject. Google may use this information, among other things, to trace the origin of visitors and clicks and subsequently prepare commission settlements.
The cookie stores personal information such as the access time, the location from which access originated, and the frequency of visits to our website by the data subject. Each time our website is visited, these personal data, including the IP address of the internet connection used by the data subject, are transmitted to Google in the United States of America. These personal data are stored by Google in the United States. Google may transfer these personal data collected through the technical process to third parties.
The data subject may, at any time, prevent the setting of cookies by our website, as described above, by means of an appropriate setting in the internet browser used, and thus permanently object to the setting of cookies. Such a browser setting would also prevent Google from placing a cookie on the data subject's information technology system. In addition, a cookie already set by Google Analytics can be deleted at any time using the internet browser or other software programs.
Furthermore, the data subject has the option of objecting to and preventing the collection of data generated by Google Analytics relating to the use of this website, as well as the processing of such data by Google. To do so, the data subject must download and install a browser add-on available at:
https://tools.google.com/dlpage/gaoptout
This browser add-on informs Google Analytics via JavaScript that no data or information relating to website visits should be transmitted to Google Analytics. The installation of the browser add-on is regarded by Google as an objection. If the information technology system of the data subject is later deleted, formatted, or reinstalled, the browser add-on must be reinstalled by the data subject in order to deactivate Google Analytics again. If the browser add-on is uninstalled or deactivated by the data subject or by another person attributable to their sphere of control, it may be reinstalled or reactivated at any time.
Further information and Google's applicable privacy policy are available at:
https://policies.google.com/privacy
and
https://marketingplatform.google.com/about/analytics/terms/
Further information about Google Analytics is available at:
https://marketingplatform.google.com/about/analytics/
9. Data Protection Provisions Regarding the Use of Google Remarketing
The controller has integrated Google Remarketing services into this website. Google Remarketing is a feature of Google Ads that enables a company to display advertisements to internet users who have previously visited the company's website. The integration of Google Remarketing therefore allows a company to create user-based advertising and display advertisements that are relevant to the interests of individual users.
The operating company of the Google Remarketing services is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.
The purpose of Google Remarketing is to display interest-based advertising. Google Remarketing enables us to display advertisements through the Google advertising network or on other websites that are tailored to the individual needs and interests of internet users.
Google Remarketing places a cookie on the data subject's information technology system. The nature of cookies has already been explained above. By setting the cookie, Google is able to recognise visitors to our website when they subsequently visit websites that are also members of the Google advertising network. Each time a website on which the Google Remarketing service has been integrated is accessed, the internet browser of the data subject automatically identifies itself to Google. As part of this technical process, Google obtains knowledge of personal data, such as the user's IP address or browsing behaviour, which Google uses, among other things, to display interest-based advertisements.
The cookie stores personal information, such as the websites visited by the data subject. Each time our website is visited, personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. These personal data are stored by Google in the United States. Google may transfer the personal data collected through this technical process to third parties.
The data subject may, at any time, prevent the setting of cookies by our website, as described above, by adjusting the settings of the internet browser they use and may thereby permanently object to the setting of cookies. Such a browser setting would also prevent Google from placing a cookie on the data subject's information technology system. In addition, cookies already set by Google may be deleted at any time using an internet browser or other software programs.
Furthermore, the data subject has the option to object to interest-based advertising provided by Google. To do so, the data subject must access the following link from each internet browser they use and adjust the desired settings:
https://adssettings.google.com/
Further information and Google's applicable privacy policy are available at:
https://policies.google.com/privacy
10. Data Protection Provisions Regarding the Use of Google Ads
The controller has integrated Google Ads into this website. Google Ads is an online advertising service that enables advertisers to display advertisements both in Google's search engine results and within the Google advertising network. Google Ads allows advertisers to define specific keywords in advance, ensuring that advertisements are displayed in Google's search results only when users retrieve keyword-related search results. Within the Google advertising network, advertisements are distributed to relevant websites by means of an automated algorithm, taking into account the predefined keywords.
The operating company of the Google Ads services is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.
The purpose of Google Ads is to promote our website by displaying interest-based advertisements on third-party websites, within Google's search engine results, and by displaying third-party advertisements on our website.
If a data subject reaches our website via a Google advertisement, Google places a so-called conversion cookie on the data subject's information technology system. The nature of cookies has already been explained above. A conversion cookie expires after thirty days and is not used to identify the data subject. Provided that the cookie has not yet expired, it enables us and Google to determine whether certain subpages of our website have been accessed, for example a shopping cart page within an online shop system. Through the conversion cookie, both we and Google can determine whether a data subject who accessed our website via a Google Ads advertisement completed or abandoned a purchase.
The data and information collected through the use of the conversion cookie are used by Google to compile visitor statistics for our website. We use these statistics to determine the total number of users referred to us through Google Ads, to evaluate the success or failure of individual Google Ads campaigns, and to optimise our advertisements for the future. Neither our company nor other Google Ads advertisers receive information from Google that could identify the data subject.
The conversion cookie stores personal information, such as the websites visited by the data subject. Each time our website is visited, personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. These personal data are stored by Google in the United States. Google may transfer the personal data collected through this technical process to third parties.
The data subject may, at any time, prevent the setting of cookies by our website, as described above, by adjusting the settings of the internet browser they use and may thereby permanently object to the setting of cookies. Such a browser setting would also prevent Google from placing a conversion cookie on the data subject's information technology system. In addition, cookies already set by Google Ads may be deleted at any time using an internet browser or other software programs.
Furthermore, the data subject has the option to object to interest-based advertising provided by Google. To do so, the data subject must access the following link from each internet browser they use and adjust the desired settings:
https://adssettings.google.com/
Further information and Google's applicable privacy policy are available at:
https://policies.google.com/privacy
11. Data Protection Provisions Regarding the Use of Instagram
The controller has integrated components of the Instagram service into this website. Instagram is an audiovisual platform that enables users to share photographs and videos, as well as to distribute such content through other social networks.
The operating company of the Instagram service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.
Each time a page of this website containing an Instagram component (Instagram button) is accessed, the internet browser on the data subject's information technology system is automatically prompted by the respective Instagram component to download a display of the corresponding Instagram component. As part of this technical process, Instagram receives information about which specific subpage of our website has been visited by the data subject.
If the data subject is logged into Instagram at the same time, Instagram recognises each visit to our website and records which specific subpage is visited during the entire duration of the visit. This information is collected through the Instagram component and associated with the respective Instagram account of the data subject.
If the data subject clicks one of the Instagram buttons integrated into our website, the transmitted data and information are associated with the personal Instagram user account of the data subject and are stored and processed by Instagram.
Instagram receives information that the data subject has visited our website whenever the data subject is logged into Instagram while accessing our website, regardless of whether the Instagram component is actively clicked. If the data subject does not wish such information to be transmitted to Instagram, they can prevent this by logging out of their Instagram account before accessing our website.
Further information and Instagram's applicable Privacy Policy are available at:
https://help.instagram.com/
and
https://privacycenter.instagram.com/
12. Data Protection Provisions Regarding the Use of LinkedIn
The controller has integrated components of LinkedIn into this website. LinkedIn is an internet-based social network that enables users to connect with existing business contacts and establish new professional relationships. With hundreds of millions of registered users in more than 200 countries, LinkedIn is one of the world's largest professional networking platforms and one of the most frequently visited websites.
The operating company of LinkedIn is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, for data protection matters relating to users outside the United States.
Each time a page of this website containing a LinkedIn component (LinkedIn Plug-in) is accessed, the internet browser on the data subject's information technology system is automatically prompted by the respective LinkedIn component to download a display of that LinkedIn component.
Further information about LinkedIn Plug-ins is available at:
https://developer.linkedin.com/plugins
As part of this technical process, LinkedIn receives information about which specific subpage of our website has been visited by the data subject.
If the data subject is logged into LinkedIn at the same time, LinkedIn recognises each visit to our website and records which specific subpage is visited during the entire duration of the visit. This information is collected through the LinkedIn component and associated with the respective LinkedIn account of the data subject.
If the data subject clicks one of the LinkedIn buttons integrated into our website, LinkedIn associates this information with the personal LinkedIn user account of the data subject and stores the corresponding personal data.
LinkedIn receives information that the data subject has visited our website whenever the data subject is logged into LinkedIn while accessing our website, regardless of whether the LinkedIn component is actively clicked. If the data subject does not wish such information to be transmitted to LinkedIn, they can prevent this by logging out of their LinkedIn account before accessing our website.
LinkedIn provides options for managing communication preferences, advertising preferences, and privacy settings through the user's LinkedIn account. LinkedIn may also use cookies and similar technologies through its own services and partner providers.
Further information about LinkedIn's privacy practices is available at:
https://www.linkedin.com/legal/privacy-policy
Information about LinkedIn's Cookie Policy is available at:
https://www.linkedin.com/legal/cookie-policy
13. Data Protection Provisions Regarding the Use of Pinterest
The controller has integrated components of Pinterest into this website. Pinterest is a social networking service. A social network is an online community that enables users to communicate and interact with one another in a virtual environment. It serves as a platform for exchanging opinions and experiences and allows users to share personal or business-related information. Pinterest enables users to publish collections of images, individual images, and descriptions on virtual pinboards (known as "pinning"), which may then be shared ("repinned") or commented on by other users.
The operating company of Pinterest is Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.
Each time a page of this website containing a Pinterest component (Pinterest Plug-in) is accessed, the internet browser on the data subject's information technology system is automatically prompted by the respective Pinterest component to download a display of that Pinterest component from Pinterest.
Further information about Pinterest is available at:
https://www.pinterest.com/
As part of this technical process, Pinterest receives information about which specific subpage of our website has been visited by the data subject.
If the data subject is logged into Pinterest at the same time, Pinterest recognises each visit to our website and records which specific subpage is visited during the entire duration of the visit. This information is collected through the Pinterest component and associated with the respective Pinterest account of the data subject.
If the data subject clicks one of the Pinterest buttons integrated into our website, Pinterest associates this information with the personal Pinterest user account of the data subject and stores the corresponding personal data.
Pinterest receives information that the data subject has visited our website whenever the data subject is logged into Pinterest while accessing our website, regardless of whether the Pinterest component is actively clicked. If the data subject does not wish such information to be transmitted to Pinterest, they can prevent this by logging out of their Pinterest account before accessing our website.
Pinterest's Privacy Policy, available at:
https://policy.pinterest.com/privacy-policy
provides further information about the collection, processing, and use of personal data by Pinterest.
14. Data Protection Provisions Regarding the Use of YouTube
The controller has integrated components of YouTube into this website. YouTube is an internet video portal that enables video publishers to upload video content free of charge and allows other users to view, rate, and comment on such content free of charge. YouTube permits the publication of all types of video content, including full-length films and television programmes, music videos, trailers, and videos created by users.
The operating company of YouTube is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.
Each time a page of this website containing a YouTube component (YouTube video) is accessed, the internet browser on the data subject's information technology system is automatically prompted by the respective YouTube component to download a display of that YouTube component.
Further information about YouTube is available at:
https://www.youtube.com/about/
As part of this technical process, YouTube and Google receive information about which specific subpage of our website has been visited by the data subject.
If the data subject is logged into YouTube at the same time, YouTube recognises which specific subpage of our website the data subject visits when accessing a page containing a YouTube video. This information is collected by YouTube and Google and associated with the respective YouTube account of the data subject.
YouTube and Google receive information that the data subject has visited our website whenever the data subject is logged into YouTube while accessing our website, regardless of whether the data subject actively clicks on a YouTube video. If the data subject does not wish such information to be transmitted to YouTube and Google, they can prevent this by logging out of their YouTube account before accessing our website.
Further information about the collection, processing, and use of personal data by YouTube and Google is available in Google's Privacy Policy:
https://policies.google.com/privacy
15. Legal Basis for Processing
Article 6(1)(a) of the GDPR serves as the legal basis for processing operations for which we obtain the data subject's consent for a specific processing purpose.
Where the processing of personal data is necessary for the performance of a contract to which the data subject is a party, such as processing operations required for the delivery of goods or the provision of other services or consideration, the processing is based on Article 6(1)(b) of the GDPR. The same applies to processing operations that are necessary for carrying out pre-contractual measures, for example in response to enquiries regarding our products or services.
Where our company is subject to a legal obligation requiring the processing of personal data, such as compliance with tax obligations, the processing is based on Article 6(1)(c) of the GDPR.
In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This could be the case, for example, if a visitor were injured on our premises and their name, age, health insurance details, or other vital information had to be disclosed to a physician, hospital, or other third parties. In such cases, the processing would be based on Article 6(1)(d) of the GDPR.
Finally, processing operations may be based on Article 6(1)(f) of the GDPR. This legal basis applies where the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, provided that such interests are not overridden by the interests, fundamental rights, or fundamental freedoms of the data subject.
Such processing operations are permitted in particular because they are expressly recognised by the European legislator, which considered that a legitimate interest may exist where the data subject is a customer of the controller (Recital 47, sentence 2, GDPR).
16. Legitimate Interests Pursued by the Controller or a Third Party
Where the processing of personal data is based on Article 6(1)(f) of the GDPR, our legitimate interest is the conduct of our business activities for the benefit of the well-being of our employees and shareholders.
17. Period for Which Personal Data Is Stored
The criterion used to determine the period for which personal data is stored is the applicable statutory retention period. After the expiry of the respective retention period, the corresponding personal data will be routinely deleted, provided that it is no longer required for the fulfilment or initiation of a contract.
18. Statutory or Contractual Requirements to Provide Personal Data; Necessity for the Conclusion of a Contract; Obligation of the Data Subject to Provide Personal Data; Possible Consequences of Failure to Provide Such Data
We inform you that the provision of personal data may, in certain cases, be required by law (for example, under tax regulations) or may arise from contractual provisions (for example, information relating to a contractual partner).
In some cases, it may be necessary for a data subject to provide us with personal data in order for a contract to be concluded, after which such data must be processed by us. For example, the data subject is required to provide personal data if our company enters into a contract with them. Failure to provide the required personal data may result in the contract not being concluded.
Before providing personal data, the data subject may contact the controller at any time. The controller will inform the data subject on a case-by-case basis whether the provision of personal data is required by law or contract, whether it is necessary for the conclusion of a contract, whether there is an obligation to provide the personal data, and what the possible consequences of not providing the personal data may be.
19. Existence of Automated Decision-Making
As a responsible company, we do not use automated decision-making or profiling.
This Privacy Policy was generated using the Privacy Policy Generator of DGD Deutsche Gesellschaft für Datenschutz GmbH, acting as an external Data Protection Officer in Fürth, in cooperation with the IT and data protection lawyer Christian Solmecke.