Data Protection Declaration

We, Liebherr-EMtec GmbH, are pleased that you are visiting our web pages (hereinafter also referred to collectively as “website”) and that you have thereby expressed an interest in the Liebherr Group.

We attach great importance to the protection and security of your personal data. Therefore, we consider it vital to inform you in the following about which of your personal data we process for what purpose and what rights you have in respect of your personal data.

General information

What is personal data and what does processing mean?

• “Personal data” (hereinafter also referred to as “data”) are all the details that make a statement about a natural person. Personal data are not just details that allow a direct conclusion to be drawn about a certain person (such as the name or e-mail address of a person), but also information with which with suitable additional knowledge a connection can be made with a certain person.
• “Processing” means any action taken with your personal data (such as collection, recording, organisation, structuring, storage, use or erasure of data).

Who is the controller for the processing of your data?

The controller for the processing of your data is:

• Liebherr- EMtec GmbH
• Liebherrstraße 12
• 88457 Kirchdorf an der Iller
• Deutschland
• Telefon: +49 7354 80 0
• E-Mail: datenschutz.lhb@liebherr.com

How can you reach our data protection officer?

Our data protection officer can be reached at the following contact details:

• Corporate Privacy
• Liebherr-IT Services GmbH
• St. Vitus 1
• 88457 Kirchdorf an der Iller
• Germany
• E-mail: datenschutz@liebherr.com

What rights do you have as a data subject?

As a data subject, you have the right, within the legal scope, to:

• Information about your data;
• Rectification of inaccurate data and completion of incomplete data;
• Erasure of your data, particularly if (1) they are no longer necessary for the purposes stated in this Data Protection Declaration, (2) you have withdrawn your consent and there is no other legal ground for the processing, (3) your data have been unlawfully processed, or (4) you have objected to the processing and there are no overriding legitimate grounds for the processing;
• Restriction of the processing of your data, particularly if the accuracy of the data is contested by you or the processing of your data is unlawful and instead of deletion you demand restriction of use;
• Object to processing of your data based on legitimate interests, on grounds relating to your particular situation, or, without specific justification, to processing of your data carried out for direct marketing purposes; unless it is an objection to direct marketing, we ask that you explain the reasons why we should not process your data as we may do, when you lodge an objection. In the event of your reasoned objection, we will examine the merits of the case and cease processing unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims;
• Receive your data in a structured, commonly used and machine-readable format and to have your data transmitted from us directly to another controller;
• Withdraw consent, if you have given us consent for processing. Please note that the lawfulness of processing based on consent before its withdrawal will not be affected by your withdrawal.

If you assert any of the above-stated rights, please understand that we may require you to provide evidence showing that you are the person you claim to be.

Furthermore, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of your data infringes the GDPR.

Links to other websites

Our website may contain links to and from websites of other providers not affiliated with us (“third parties”). After clicking on the link, we no longer have any influence on the processing of any data transmitted to the third party when the link is clicked (such as the IP address or the URL on which the link is located), as the behaviour of third parties is naturally beyond our control. Therefore, we cannot assume any responsibility for the processing of such data by third parties.

Data processing

Amazon Web Services (AWS)

The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (hereinafter referred to as AWS).

When you visit our website, your personal data is processed on AWS's servers. In this case, personal data may also be transferred to the parent company of AWS in the USA. The transfer of data to the USA is based on the EU Standard Contractual Clauses.

Details can be found here: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.

For more information, please refer to AWS's Privacy Statement: https://aws.amazon.com/de/privacy/?nc1=f_pr.

The use of AWS is based on Art. 6 (1) (f) GDPR. We have a legitimate
Interest in the most reliable presentation of our website. Provided that a corresponding
consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a)
GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards for data processing in the United States. Every company certified under the DPF is committed to complying with these data protection standards. For more information, please contact the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000TOWQAA4&status=Active

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law that ensures that the personal data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

General

In providing our website, we use cookies and other technologies. In the following cookie notices we provide you – as a user of our website – with additional information on data processing via the use of cookies and other technologies.

I. What are cookies and other technologies?

Cookies are small text files that a web server can store and read on your terminal equipment (computer, smartphone or similar) by means of the web browser that you use. Cookies contain individual, alphanumeric character strings that enable identification of the web browser that you are using and may also contain information on user-specific settings.

In addition to cookies, we use other technologies as follows:

• Using so-called “local storage technology”, data is only stored locally, i.e. solely on your terminal equipment and not on the web server, in the so-called “local storage” of your web browser. In contrast to cookies, data stored using local storage technology does not possess an expiry date and is not automatically deleted without further action; you can, however, delete this data yourself via your web browser. Please refer to the instructions of your web browser manufacturer on how to delete data stored using local storage technology.
• In addition, we have integrated so-called “tracking pixels” (also called “pixels”, “pixel tags” or “web beacons”) on our website. Tracking pixels are small, usually invisible, image files that are automatically loaded by a web server and can provide information about your web browser or terminal equipment as well as your use of our website. This information can in turn be used to create a profile that is recognised when you visit our website again.

The aforementioned cookies and other technologies are hereinafter collectively referred to as “cookies”.

II. What types of cookies and other technologies exist?

We distinguish between essential cookies on the one hand and optional cookies on the other:

• Essential cookies are those that are technically necessary for the functionality as well as for ensuring the security and stability of our website and information technology systems. We also assign to this category those cookies that store certain settings that you have made, options selected or information entered until you close your web browser (at the latest), in order to provide the desired function that you have requested (e.g. login status, language setting etc.). Your consent is not required to store or read essential cookies. You cannot, therefore, manage essential cookies via the settings of the consent management service that we use, but only via your web browser and delete cookies stored there or block storage of cookies.
• Optional Cookies are those that are not essential for functionality nor to ensure the security and stability of our website and information technology systems, but are used for analysis or marketing purposes. These cookies can, for example, be used to compile anonymous statistics and collect information on how you use our website, which enables us to analyse the use of our website and thereby optimise it. We also assign to this category those cookies that store certain settings that you have made, options selected or information entered; these remain after you have closed your web browser in order to provide the desired function that you have requested (e.g. login status by selecting “Remember my e-mail address”, wish list, compare list etc.) over a longer term. To store or read optional cookies, your prior consent is generally required. You can consent to the use of optional cookies and withdraw any consent that you have granted at any time with future effect via the settings of the consent management service that we use.

Both essential and optional cookies may be so-called “session cookies” or “persistent cookies”, which differ in their intended lifetime or functional life:

• Session cookies are stored on your terminal equipment and are automatically deleted when you close your web browser.
• Persistent cookies (or permanent cookies) are stored on your terminal equipment and are not automatically deleted when you close your web browser, but remain on your terminal equipment for a predefined period of time.
• Data stored using local storage technology does not have an expiry date and therefore has unlimited functional life.

Note: You can generally delete cookies and data stored using local storage technology yourself via your web browser. For details, please refer to the instructions of your web browser manufacturer.

B. Use of cookies on our website

I. Essential Cookies

1. Which essential cookies are used for what purpose and for how long

- Content Delivery Network

• We use the content delivery network Amazon CloudFront CDN. The provider is Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855, Luxembourg (hereinafter referred to as "Amazon").
• Amazon CloudFront CDN is a globally distributed content delivery network. Technically, the transfer of information between your browser and our website is routed via the Content Delivery Network. This allows us to increase the worldwide accessibility and performance of our website.
• The use of Amazon CloudFront CDN is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 (1) (f) GDPR).
• The transfer of data to the USA is based on the standard contractual clauses of the EU Commission.
• Details can be found here: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.
• To learn more about Amazon CloudFront CDN, see:
• https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation.pdf.

- Load Balancer

For load distribution we use a so-called “load balancer”. With a load balancer, web requests are sent to a load balancing server, which in turn redirects the web request to an internal server. To avoid being routed back and forth between different servers within a session and to ensure uniform processing, your web requests are forwarded to the same server. To identify that server and to ensure correct redirection, we use a cookie with a lifetime or functional life of eight hours.

- Language detection

We use a session cookie to enable user-specific language display of our website. In so doing, the language of your web browser will be detected and our website displayed for you in the same language.

2. On which legal basis are essential cookies used?

In order to be able to demonstrate that – or whether – you have consented to the use of optional cookies requiring your consent, we store the information about your consent, whether given or not, in order to fulfil our legal obligation to provide evidence in accordance with Article 6 para. 1 point c and Article 6 para. 3 point a GDPR in conjunction with Article 7 para. 1 GDPR.

Furthermore, we use essential cookies for the purposes of legitimate interests in accordance with Article 6 para. 1 point f GDPR.

Our legitimate interests pursued are:

• Ensuring the security and stability of our website and information technology systems, for example by protecting against attacks in the form of targeted server overloads (Denial of Service attacks) or by using optimal load distribution on servers
• Establishment, exercise or defence of legal claims
• Providing and guaranteeing the proper functionalities of our website

3 How can I object to the use of essential cookies?

You can exercise your right to object by means of the blocking options described below under “Deletion/Blocking of Cookies” (cf. Article 21 para. 5 GDPR), i.e. by blocking essential cookies via your web browser settings.

Please note that if you delete without blocking, essential cookies will be used once again when you access our website at a later date. Please also note that deactivating or deleting or blocking essential cookies may affect the performance and functionality of our website and may cause certain features and functions to be unavailable.

II. Optional cookies

Using the following information, we would like to enable you to make a well-founded decision for or against the use of optional cookies and the associated data processing.

1. Which optional cookies are used for what purpose and for how long?

Web analysis

Subject to your consent, we use web analysis cookies in order to analyse the use of our website and thereby be able to improve it continuously. The anonymised user statistics obtained (e.g. number and origin of website visitors) enable us to optimise our website and improve its design – such as by placing frequently accessed information or topics on our website at the right location to meet demand.

Against this background, we use the services detailed hereafter:

- Google Analytics

For web analysis we use “Google Analytics”, a web analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter collectively “Google”), with the “IP anonymization” extension (also called “IP masking method”). To this end, we have concluded a data processing agreement with Google in accordance with Article 28 GDPR. Google will accordingly process the data collected (data about your terminal equipment or web browser, IP addresses and your website or application activities) on our behalf for the purposes of evaluating your use of our website, compiling reports on website activity and providing other services relating to website and internet usage.

Data collected within the context of Google Analytics may be stored and processed by Google or subprocessors of Google outside the EU or the EEA and thus in a third country, in particular in the USA. The IP masking method that we use ensures that before the IP address is transferred to a Google server in the USA and stored there, it is shortened within EU member states or in other EEA member states so that no IP address is transferred in its entirety, thereby preventing or considerably complicating identification of a person. Only in exceptional cases will the complete, i.e. entire, IP address be transferred to a Google server in the USA and only shortened there.

For a data transfer to a third country, pursuant to the GDPR, additional conditions are to be complied with in order to ensure that the level of data protection guaranteed in the EU is not undermined. In this case, the data transfer to the USA takes place on the basis of the European Commission’s adequacy decision of 10 July 2023. According to this adequacy decision, the USA ensures an adequate level of protection within the meaning of Art. 45 GDPR for personal data transferred from the EU to organisations in the USA that are certified under the “EU-U.S. Data Privacy Framework” (hereinafter “DPF”) and included in the “Data Privacy Framework List” (https://www.dataprivacyframework.gov/s/participant-search), maintained and made publicly available by the U.S. Department of Commerce.

Google LLC is certified under the DPF and included in the Data Privacy Framework List.

Service provider information:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Google Ads Data Processing Terms:

https://privacy.google.com/businesses/processorterms/

Terms of Service:

https://marketingplatform.google.com/about/analytics/terms/us/

Overview of data usage in Google Analytics:

https://support.google.com/analytics/answer/6004245?hl=en

Privacy Policy:

https://policies.google.com/privacy

Technical explanation of “IP Anonymization (or IP masking) in Google Analytics”

https://support.google.com/analytics/answer/2763052?hl=en

Additional note:

If you wish to deactivate Google Analytics across all websites, you can download and install the “Google Analytics Opt-out Browser Add-on” at https://tools.google.com/dlpage/gaoptout?hl=en. This option only disables web analysis as long as you are using a web browser for which you have installed the add-on.

Integration of third-party services

As part of the provision of our website , we integrate various content and functional elements (hereinafter collectively also referred to as "services") that are obtained from the web servers of their respective providers (hereinafter referred to as "third-party providers"). For the proper presentation and provision of the Services, it is always necessary that your IP address is transmitted to the respective third-party provider. Although we make every effort to only include services for which the respective third-party provider only uses the IP address to deliver the services, we have no influence on further processing by third-party providers.

When you visit our website for the first time  , we ask you for your consent to the transfer of data to third-party providers associated with the use of other services by means of an upstream query ("cookies, other technologies and other services"). If you do not already give your consent with this upstream query, third-party services requiring consent will be blocked on our website and no data will be transmitted to third-party providers. Instead, you can give your consent separately for individual third-party services by clicking on "Accept" in the respective blocker. If you no longer want to consent to each third-party service individually in the future and would like to be able to load them without the respective blocker, you have the option of additionally selecting "Always accept" or the like and thus also consenting to the associated data transfers for all other relevant third-party services that you will call up on our website in the future  .

You can revoke your consent at any time with effect for the future and thus prevent the further transmission of your data by deselecting the corresponding service under "Other services (optional)" in the settings of the consent management service.
With this in mind, we use the following services:

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, length of stay, operating systems used and origin of the user. This data is assigned to the user's respective end device. It is not assigned to a user ID.

Furthermore, with Google Analytics, we can, among other things: Record your mouse and scroll movements and clicks. In addition, Google Analytics uses various modeling approaches to complement the collected data sets and uses machine learning technologies in data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 (1) (a) GDPR and § 25 (1) TTDSG. Consent can be revoked at any time.

The transfer of data to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards for data processing in the United States. Every company certified under the DPF is committed to complying with these data protection standards. For more information, please contact the provider at the following link:

https://www.dataprivacyframework.gov/s/participant-search/participant detail?contact=true&id=a2zt000000001L5AAI&status=Active

IP Anonymization

Google Analytics IP anonymization is enabled. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide further information on the website.

To provide services related to the use of the website and the Internet to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data held by Google.

Browser Plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more information about how Google Analytics handles user data in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

We have concluded a contract with Google for order processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Google DoubleClick

This website uses features of Google DoubleClick. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland, (hereinafter referred to as "DoubleClick").

DoubleClick is used to show you interest-based ads across the Google advertising network. With the help of DoubleClick, the advertisements can be tailored to the interests of the respective viewer.  For example, our advertisements may be displayed in Google search results or in banner ads associated with DoubleClick.

In order to be able to display interest-based advertising to users, DoubleClick must
recognise the viewer and show them the websites they have visited, clicks and other information about the
user behavior. For this purpose, DoubleClick uses cookies or similar
recognition technologies (e.g. device fingerprinting). The information collected is combined into a pseudonymous user profile in order to display interest-based advertising to the user in question.

The use of Google DoubleClick is in the interest of targeted advertising measures. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR; the consent can be revoked at any time.
For more information on how to object to the advertisements displayed by Google, please refer to the following links: https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated.

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool that allows us to use tracking or statistics tools and other

technologies on our website. The Google Tag Manager itself doesn't create any
user profiles, does not store cookies and does not carry out any independent analyses. It is only used for the purpose of
Management and playout of the tools integrated via it. However, Google Tag Manager collects your IP address, which may also be transferred to Google's parent company in the United States.
The use of Google Tag Manager is based on Art. 6 (1) (f) GDPR. The
Website operator has a legitimate interest in a quick and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR and § 25 (1)
TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards for data processing in the United States. Every company certified under the DPF is committed to complying with these data protection standards. For more information, please contact the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant detail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Maps

• This site uses the map service Google Maps. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
• In order to use the functions of Google Maps, it is necessary to store your IP address. These
• Information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is enabled, Google may use Google Fonts for the purpose of consistent font display. When you access Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
• The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. Provided that a corresponding
• consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a)
• GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
• The transfer of data to the USA is based on the standard contractual clauses of the EU Commission.
• Details can be found here:
• https://privacy.google.com/businesses/gdprcontrollerterms/ und https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
• You can find more information on the handling of user data in Google's privacy policy: https://policies.google.com/privacy?hl=de.
• The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards for data processing in the United States. Every company certified under the DPF is committed to complying with these data protection standards. For more information, please contact the provider at the following link:
• https://www.dataprivacyframework.gov/s/participant-search/participant detail?contact=true&id=a2zt000000001L5AAI&status=Active

- jQuery Content Deilivery

In order to deliver our website or all our individual subpages (web pages) to you quickly and easily on different devices, we use services from jQuery CDN from the company jQuery Foundation. jQuery is distributed via the Content Delivery Network (CDN) of the American software company StackPath (LCC 2012 McKinney Ave. Suite 1100, Dallas, TX 75201, USA). Through this service, personal data about you is stored, managed and processed.

A content delivery network (CDN) is a network of regionally distributed servers that are connected to each other via the Internet. Thanks to this network, content, especially very large files, can be delivered quickly, even during peak loads.

jQuery uses JavaScript libraries to deliver our website content quickly. To do this, a CDN server loads the necessary files. Once a connection to the CDN server is established, your IP address is collected and stored. This only happens if this data is not already stored in your browser from a previous website visit.

StackPath's privacy policy explicitly mentions that StackPath uses aggregated and anonymized data from various services (such as jQuery) for security enhancement and for its own services. However, this data cannot identify you as an individual.
If you do not want this data transfer to occur, you always have the option of installing Java script blockers such as ghostery.com or noscript.net. However, you can also simply disable the execution of JavaScript codes in your browser. If you decide to disable JavaScript codes, the usual functions will also change. For example, a website doesn't load as fast anymore.

StackPath is an active participant in the EU-U.S. Privacy Shield Framework, which governs the correct and secure transfer of personal data. More information can be found on https://www.privacyshield.gov/participant?id=a2zt0000000CbahAAC&status=Active . For more information on data protection at StackPath, see https://www.stackpath.com/legal/privacy-statement/ and jQuery at https://www.stackpath.com/legal/privacy-statement/ .

New Relic

On this website, we use a plugin from New Relic's web analytics service. It enables us to collect statistical evaluations about the speed of the website, to determine whether the website can be accessed and how quickly the respective page is displayed when it is accessed. This service is provided by New Relic Inc. (188 Spear Street, Suite 1200 San Francisco, CA 94105, USA; "New Relic").

New Relic uses cookies. When a user accesses a web page that contains a New Relic plugin, their browser establishes a direct connection with New Relic's servers.

By integrating the plugin, New Relic receives the information that a user has accessed the corresponding page of the offer. If the user is logged in to New Relic, New Relic can associate the visit with their New Relic account. However, if a user is not a member of New Relic, New Relic will store his or her IP address.The purpose and scope of the data collection and the further processing and use of the data by New Relic, as well as the related rights and setting options for the protection of users' privacy, can be found in New Relic's privacy policy: https://newrelic.com/privacy.

If a user is a member of New Relic and does not want New Relic to collect information about them through this offer and link it to their membership information stored with New Relic, they must log out of New Relic before visiting the New Relic website.

You can object to the collection and storage of data for the purpose of web analysis at any time with effect for the future by deactivating cookies in your browser settings. To do this, consult the appropriate help file or help function of your browser

Data recipients

We may transfer your data to:

• Other companies of the Liebherr Group, insofar as this is necessary for the initiation, execution or termination of a contract or if there is a legitimate interest on our part in the transfer and your overriding legitimate interest does not conflict with this;
• The providers of the features you actively use and any other services or services;
• Our service providers that we use to achieve the above purposes
• The recipient(s) you wish to see;
• courts, arbitration tribunals, authorities or legal advisers if this is necessary to comply with applicable law or to establish, exercise or defend legal claims.

Data transfers to third countries

The transfer of data to bodies in countries outside the European Union or the European Economic Area (so-called third countries) or to international organisations is only permissible (1) if you have given us your consent or (2) if the European Commission has decided that an adequate level of protection exists in a third country (Article 45 GDPR). If the Commission has not made such a decision, we may only transfer your data to recipients located in a third country if appropriate safeguards are in place (e.g., standard data protection clauses adopted by the Commission or the supervisory authority following a specific procedure) and the enforcement of your data subject rights is ensured or the transfer is permissible in individual cases on the grounds of other legal bases (Article 49 GDPR).

Where we transfer your data to third countries, we will inform you of the respective details of the transfer at the relevant points in this data protection declaration.

Data erasure and storage period

We will process your data as long as this is necessary for the respective purpose, unless you have effectively objected to the processing of your data or effectively withdrawn any consent you may have given.

Insofar as statutory retention obligations exist, we will be bound to store the data in question for the duration of the retention obligation. Upon expiry of the retention obligation, we will check whether there is any further necessity for the processing. If there is no longer such a necessity, your data will be deleted.

Data security

We use technical and organizational security measures to ensure that your data is protected against loss, incorrect changes or unauthorized access by third parties. In any case, only authorized persons have access to your data from our side, and only to the extent necessary in the context of the above-mentioned purposes. The transmission of all data is encrypted.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as

For example, orders or inquiries that you send to us as the site operator, SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address bar of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

As of: Februar 2024