I. NAME AND ADDRESS OF THE DATA CONTROLLERS
Assenagon Asset Management S.A.
Aerogolf Center, 1B Heienhaff
1736 Senningerberg
Luxembourg
Phone +49 27049-100
with branch office in:
Prannerstraße 8
80333 München
Germany
Phone +49 89 519966-0
privacy@assenagon.com
www.assenagon.com
is the controller within the meaning of the EU General Data Protection Regulation, other national data protection laws enacted by the EU Member States and other data protection rules.
II. GENERAL INFORMATION DATA PROCESSING
1. Scope of personal data processing
We will generally only process the personal data of our users where this is required to provide a functional website as well as our content and services. As a rule, the personal data of our users are only processed based on their prior consent. An exception applies in such cases where for factual reasons, consent cannot be obtained in advance and the law allows the processing of data.
2. Legal basis for the processing of personal data
Article 6 para. 1 sent. 1 lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis in cases where we obtain the consent of the data subject for the processing of its personal data.
Where the processing of data is necessary for the performance of a contract to which the data subject is party, this is based on Article 6 para. 1 sent. 1 lit. b GDPR. The same applies for data processing operations required for the implementation of measures in advance of a contract.
Article 6 para. 1 sent. 1 lit. c GDPR serves as the legal basis in cases where our company requires the processing of personal data for compliance with its legal obligations.
Article 6 para. 1 sent. 1 lit. d GDPR applies where the processing of personal data is necessary in order to protect the vital interests of the data subject or of another natural person.
If the data processing is required to protect a legitimate interest of our company or a third party, and if such legitimate interest overrides the interests, fundamental rights and freedoms of the data subject, then Art. 6 para. 1 sent. 1 lit. f GDPR is the applicable legal basis for such processing.
3. Data storage period and data erasure
The personal data of the data subject are erased as soon as the purpose for which the data is stored no longer applies. Data may be stored beyond this period if such longer storage is regulated by European or national legislation in EU regulations, laws or other provisions applicable to the data controller. Data are also blocked or erased once the storage period required by the above-mentioned provisions expires, unless further storage of the data is required for the purpose of the conclusion or performance of a contract.
4. Data collection in Switzerland
In Switzerland, personal data may be collected and processed by each company of the Assenagon Group (Assenagon Asset Management S.A. including its German branch, Assenagon GmbH and Assenagon Schweiz GmbH). Each company will at all times observe the regulations of this privacy policy and national data protection laws. The data may be disseminated within the Assenagon Group as necessary to fulfil the purpose and for internal administrative purposes.
5. Processing of personal data by joint controllers
Assenagon GmbH and Assenagon Asset Management S.A. have concluded a contract as joint controllers within the meaning of the Article 26 GDPR, governing the mutual responsibilities for any processing operations carried out as joint controllers. This is particularly relevant for processing in connection with the dispatch of information on products and other topics. The joint controllers have undertaken to guarantee the security of data processing, to inform each other of serious disruptions in the processing of data and to provide each other with the necessary support in answering requests from data subjects seeking to enforce their rights set out in Article 12 to 22 GDPR and Article 34 GDPR. The contract further stipulates that if the consent of a data subject is required for the processing of personal data, this consent is obtained from the joint controller who collects or has collected the data.
III. RIGHTS OF THE DATA SUBJECT
If your personal data are processed, you are considered a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the data controller:
1. Right of access
You have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed. Where this is the case, you can demand access to the personal data and the following information from the controller:
1. The purposes for which the personal data are processed;
2. the categories of personal data concerned;
3. the recipients or categories of recipients to whom personal data concerning you have been or will be disclosed;
4. the envisaged period for which personal data concerning you will be stored, or, if specific information cannot be provided on that matter, the criteria used to determine the storage period;
5. the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning you or the right to object to such processing;
6. the right to lodge a complaint with a supervisory authority;
7. where the personal data are not collected from the data subject, any available information as to their source;
8. the existence of automated decision-making, including profiling, referred to in Article 22 para. 1 and 4 GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to demand information on whether personal data concerning you are transferred to a third country or to an international organisation. In this context, you can request to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer.
2. Right to rectification
You have the right, vis-à-vis the controller, to have your processed personal data rectified and/or completed insofar as they are inaccurate or incomplete. The controller shall carry out such rectification without undue delay.
3. Right to restriction of processing
You have the right to restrict the processing of your personal data, where the following conditions apply:
- If you contest the accuracy of personal data concerning you for a period, enabling the controller to verify the accuracy of the personal data;
- if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
- if the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
- if you have objected to processing pursuant to Article 21 para. 1 GDPR, pending the verification whether the legitimate grounds of the controller override your legitimate grounds.
Where processing of personal data concerning you has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If processing was restricted pursuant to the above conditions, you shall be informed by the controller before the restriction of processing is lifted.
4. Right to erasure
a) Erasure obligation
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase such data without undue delay where one of the following grounds applies:
1. The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
2. You withdraw your consent on which the processing is based according to Article 6 para. 1 sent. 1 lit. a, or Article 9 para. 2 lit. a GDPR, and there is no other legal ground for the processing.
3. You object to the processing pursuant to Article 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21 para. 2 GDPR.
4. The personal data concerning you have been unlawfully processed.
5. The personal data concerning you have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
6. The personal data concerning you have been collected in relation to the offer of information society services referred to in Article 8 para. 1 GDPR.
b) Information to third parties
Where the controller has made the personal data concerning you public and is obliged pursuant to Article 17 para. 1 GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers, which are processing the personal data that you as the data subject have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
c) Exceptions
There should be no right to erasure, if the processing is required
1. for exercising the right of freedom of expression and information;
2. for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject; or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
3. for reasons of public interest in the area of public health in accordance with Article 9 para. 2 lit. h and i as well as Article 9 para. 3 GDPR;
4. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89 para. 1 GDPR, in so far as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
5. for the establishment, exercise or defence of legal claims.
5. Right to be informed
If you have exercised your right to rectification, erasure or restriction of processing towards the controller, the controller shall be obligated to notify all recipients to whom personal data concerning you have been disclosed, of the rectification or erasure of the data or the restriction of processing, unless this proves impossible or would involve disproportionate effort.
You are entitled to require the controller to inform you about these recipients.
6. Right to data portability
You have the right to receive personal data concerning you, which you have provided to the controller, in a structured, commonly-used and machine-readable format. You are also entitled to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where
1. the processing is based on consent pursuant to Article 6 para. 1 sent. 1 lit. a GDPR or Article 9 para. 2 lit. a GDPR or on a contract pursuant to Article 6 para. 1 sent. 1 lit. b GDPR and
2. the processing is carried out by automated means.
In exercising your right to data portability, you have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. This must not give rise to any infringement of the rights and freedoms of other persons.
The right to data portability shall not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to object
You have the right to object at any time, on grounds relating to your particular situation, to processing of personal data concerning you which is based on Article 6 para. 1 sent. 1 lit. e or f GDPR, including profiling based on those provisions.
The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims.
Where personal data concerning you are processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing purposes; this includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.
8. Right to withdraw consent under data privacy law
You may withdraw your consent under data privacy law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
9. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or affects you significantly in a similar way. This shall not apply if the decision
1. is necessary for entering into, or performance of, a contract between you and the data controller;
2. is authorised by Union or Member State law to which the controller is subject, and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
3. is based on your explicit consent.
However, these decisions shall not be based on special categories of personal data referred to in Article 9 para. 1 GDPR, unless Article 9 para. 2 lit a. or g GDPR applies and suitable measures are in place to safeguard your rights and freedoms and legitimate interests.
With regard to the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.
10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you believe that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged will inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.
IV. PROVISION OF THE WEBSSITE AND CREATION OF LOG FILES
1. Description and scope of the data processing
Every time our Internet website is accessed, our system automatically collects data and information from the accessing system.
The following data are collected:
- Information on the browser type/browser version
- The operating system of the user
- The IP address of the user
- The date and time of the access
The data are also stored in the log files of our system. These data are not stored together with the other personal data of the user.
2. Legal basis for the processing of these data
The legal basis for the temporary storage of the data and the log files is Article 6 para. 1 sent. 1 lit. f GDPR.
3. Purpose of the data processing
The system has to store the IP address temporarily in order to transmit the website to the device of the user. This requires storing the IP address of the user until the end of the session.
The log files are stored in order to ensure the correct functioning of the website. We also use these data to optimise our website and to ensure the security of our IT systems. The data are not evaluated for marketing purposes in this context.
These purposes also constitute our legitimate interest in the data processing pursuant to Article 6 para. 1 sent. 1 lit f GDPR.
4. Storage period
The data are erased as soon as they are no longer required for the purpose of their collection. In the event that the data are collected to provide the website, the data are erased once the relevant session ends.
Data saved in log files are erased after a maximum period of seven days.
5. Objection and deletion
The collection of data for providing the website and the storage of data in log files is an unavoidable requirement for the operation of the website; the user is therefore not entitled to object to such data collection and storage.
V. USE OF COOKIES
1. Description and scope of the data processing
This website uses cookies. Cookies are text files stored within the Internet browser/by the Internet browser on the user's device. When a user accesses a website, a cookie may be stored on the device of the user. The cookie contains a characteristic text string enabling the unique identification of the browser when the website is accessed again.
Regardless of the cookie settings that users can choose from on our website, internet browser settings allow you to remove cookies and to limit access to cookies for individual or all websites.
After accessing the website, the user can decide on the cookies to be used. A distinction is made between essential cookies, which enable basic functions and are necessary for the proper functioning of the website, and other, non-essential cookies, which may have different functions, such as the collection of statistical information on the use of the website.
Via the button "Cookie settings" you can change your settings at any time and view further information on the relevant cookies.
Essential cookies serve to enable the basic functions of our website. This includes the possibility for users to create a list of fund favourites and to display different content depending on the user profile (country and profile of the user). For example, based on the user profile, the funds and share classes displayed on the funds subpage will be filtered, thus only displaying the products relevant to the user. To avoid users having to confirm their cookie settings each time they visit the website, the cookie settings are also stored in an essential cookie.
In addition, we use cookies on our website, which enable an analysis of the user's browsing behaviour, so-called statistics cookies. These cookies collect information about website usage that helps us understand how our visitors use our website.
The user data collected in this fashion are pseudonymised through technical measures. As a consequence, the data will no longer be readily attributable to the accessing user. The data will not be stored together with the other personal data of the user. The analysis of the information collected by statistics cookies is done in Matomo. For more information about Matomo, see "X. Use of plug-ins".
We embed Youtube videos on our site, cookies are also used in this process. You can find more information about this in section IX.
2. Legal basis for the processing of these data
The legal basis for the processing of personal data through the use of essential cookies is Article 6 para. 1 sent. 1 lit. f GDPR. The processing of information on the user's country and profile is necessary to ensure compliance with distribution licenses, which are legal obligations of our company. The legal basis for such processing is Article 6 para. 1 sent. 1 lit. c GDPR. The legal basis for all other processing of personal data through the use of cookies is Article 6 para. 1 sent. 1 lit. a GDPR.
3. Purpose of the data processing
The purpose of the use of essential cookies is to simplify the users' use of the website. Some features of our website cannot be provided without the use of cookies. They require identifying the browser after the user navigates from one webpage to the other.
We require cookies for the following applications:
- Session ID for users according to the information given by the user about country and profile
- Login data
The user data collected by cookies are not used to create user profiles.
The statistics cookies are used in order to improve the quality of our website and its contents. Through the statistics cookies, we learn how the website is used, which enables us to continuously improve our offerings.
Marketing cookies can be used to follow users on websites in order to optimize the relevance of advertising and to improve the user experience when using third-party services.
4. Period of storage, objection and deletion
Cookies are stored on the device of the user and transferred to our website by the device. You as the user therefore have full control over the use of cookies. Regardless of the cookie settings that users can choose from on our website, you can deactivate or limit the transfer of cookies by changing the settings of your Internet browser. You can delete existing cookies at any time, and cookies can also be deleted automatically. If cookies are deactivated for our website, it may not be possible to access the further content of the website.
VI. INFORMATION ON PRODUCTS AND OTHER TOPICS
1. Description and scope of the data processing
We inform about our products and other topics via all common means of communication. In particular we offer the mailing of free product and other information. These can be subscribed to through our website or by contacting us directly. When subscribing through our website, the following data, entered by the user into an input form as he signs up, are transferred to us:
- E-mail address
- Salutation
- Title
- Last name
- First name
- Function/position
- Company
- Country
- Language
- Message
- Phone/mobile number
- User agent
- Time until form submission
- IP address of the accessing device
- Date and time of the registration
In the context of the registration process, your consent for the processing of the data for the purpose of such mailings is obtained and reference is made to this data privacy statement.
The data are used exclusively for the aforementioned purpose. The data will be disseminated within the group of undertakings (Assenagon Asset Management S.A. including its German branch, Assenagon GmbH and Assenagon Schweiz GmbH) as necessary to fulfill the purpose and for internal administrative purposes. In addition, our service providers commissioned with the maintenance and development of the website are also able view this data. Such viewing is generally limited to individual cases for problem solving. No further transfers to third parties or to third countries are being made.
2. Legal basis for the processing of these data
Where user consent has been obtained regarding the mailing of the product and other information, the legal basis for the data processing is Article 6 para. 1 sent. 1 lit. a GDPR. Processing may also be based on a consideration of interests in accordance with Article 6 para. 1 sent. 1 lit. f GDPR. The legal basis for telephone communication is Article 6 para. 1 sent. 1 lit. f GDPR.
3. Purpose of the data processing
The user data highlighted as mandatory are collected in order to inform the user about our products and other topics.
The collection of other personal data in the context of the registration process serves to manage the subscription and to prevent an abuse of the services.
These purposes also constitute our legitimate interest in the processing of the personal data pursuant to Article 6 para. 1 sent. 1 lit. f GDPR.
4. Storage period
The data are erased as soon as they are no longer required for the purpose of their collection. The data of the users are therefore stored only for the time period in which the subscription is active.
The other personal data collected during the registration process solely for the purpose of abuse prevention are generally erased after a period of seven days.
5. Objection and deletion
The user may cancel the subscription at any time and each e-mail with product and other information contains a corresponding link for this purpose.
The user is also able to withdraw his consent at any time to the storage of the personal data collected during the registration process and to object to the use of his data for phone calls.
VII. REGISTRATION
1. Description and scope of the data processing
For special occasions such as invitations to events and web conferences, we offer users the option of registering on our website, which involves entering personal data. The data are entered into an input form, transferred to us and stored. In the context of the registration process, the following data are collected:
- E-mail address
- Salutation
- Title
- Last name
- First name
- Function/position
- Company
- Comment
- Phone/mobile number
- User agent
- Time until form submission
- IP address of the accessing device
- Date and time of the registration
In the context of the registration process, the consent of the user to the processing of this data is obtained.
At events, photo and film recordings may be made. Users will be informed about such data processing during the registration process.
The data are only passed on to third parties to the extent necessary for attendance of the users to the event (e.g. hotel reservations, shuttle services etc.). The data will be disseminated within the group of undertakings (Assenagon Asset Management S.A. including its German branch, Assenagon GmbH and Assenagon Schweiz GmbH) as necessary to ful-fill the purpose and for internal administrative purposes. In addition, our service providers commissioned with the maintenance and development of the website are also able view this data. Such viewing is generally limited to individual cases for problem solving. No further transfers to third parties or to third countries are being made.
2. Legal basis for the processing of these data
Where user consent has been obtained, the legal basis for the data processing is Article 6 para. 1 sent. 1 lit. a GDPR. The processing may also be based on Article 6 para. 1 sent. 1 lit. f GDPR, which is always the legal basis for the preparation of photo and film recordings.
Where the purpose of the registration is the performance of a contract to which the user is party, or in order to take measures in advance of a contract, the processing of data is additionally based on Article 6 para. 1 sent. 1 lit. b GDPR.
In case of any legal obligations of the controller arising in connection with an event, the processing carried out to comply with such obligations will be based on Article 6 para. 1 sent. 1 lit. c GDPR.
3. Purpose of the data processing
The user data highlighted as mandatory are collected in order to enable the users' participation in the event, to perform preparation and follow-up works and to mail product and other Information. Follow-up works include in particular compliance with reporting duties to the relevant tax authorities as well as maintaining lists of participants used for organizing future events.
The collection of other personal data in the context of the registration process serves to manage the registration and to prevent an abuse of the invitations. If users are already stored in our contact database, data provided by the user during the registration process are stored and used to complete the contact database.
Photo and film recordings are used for our public relations work, the recordings will at least be published on our website.
These purposes also constitute our legitimate interest in the processing of the personal data pursuant to Article 6 para. 1 sent. 1 lit. f GDPR.
4. Storage period
The data are erased as soon as they are no longer required for the purpose of their collection.
For the data provided during the registration process, this is the case once the data are no longer required for the preparation and follow-up works and the mailing of product and other information. If the data are used to complete the contact database, the storage period is determined by the purpose for which we stored the previously stored data.
For photo and film recordings, this is the case once no further publication is intended and the nature of the publication does not require any further retention of the files.
The other personal data collected during the registration process solely for the purpose of abuse prevention are generally erased after a period of seven days.
5. Objection and deletion
You as the user may cancel the registration at any time. You may have the data changed at any time that are stored concerning you. And you are able to withdraw your consent, or respectively to object, to the processing of the personal data at any time. Please send us an informal request to the e-mail address indicated at the registration or to privacy@assenagon.com.
If the data are required for the performance of a contract or to carry out measures in advance of a contract or to comply with a legal obligation, the early erasure of data will only be possible if it does not conflict with contractual or legal obligations.
VIII. CONTACTFORM AND E-MAIL CONTACT
1. Description and scope of the data processing
Our website provides a contact form which can be used to contact us by electronic means. If the user uses this contact form, the data entered into the input form will be transferred to us and stored.
Upon submission of the message, the following data are also stored:
- E-mail address
- Salutation
- Title
- Last name
- First name
- Function/position
- Company
- Country
- Phone/mobile number
- Language
- Inquiry/feedback
- User agent
- Time until form submission
- IP address of the accessing device
- Date and time of the registration
In the context of the submission process, your consent for the processing of the data is obtained and reference is made to this data privacy statement.
The user can alternatively contact us via the provided email address. In this case, the personal user data provided with the email will be stored.
The data are used exclusively for processing the conversation. The data will be disseminated within the group of undertakings (Assenagon Asset Management S.A. including its German branch, Assenagon GmbH und Assenagon Schweiz GmbH) as necessary to fulfill the purpose and for internal administrative purposes. In addition, our service providers commissioned with the maintenance and development of the website are also able view this data. Such viewing is generally limited to individual cases for problem solving. No further transfers to third parties or to third countries are being made.
2. Legal basis for the processing of these data
Where user consent has been obtained, the legal basis for the data processing is Article 6 para. 1 sent. 1 lit. a GDPR.
The legal basis for the processing of data transferred by e-mail is Article 6 para. 1 sent. 1 lit. f GDPR. If the e-mail contact is also aimed at the conclusion of a contract, Article 6 para. 1 sent. 1 lit. b also serves as legal basis for the processing.
3. Purpose of the data processing
The purpose in processing the personal data from the input mask is to process the establishment of contact and to mail product and other information. Where contact is established via e-mail, this also serves as the required legitimate interest for the processing of the data.
The other personal data processed during the submission process serve to prevent the abuse of the contact form and to ensure the security of our IT systems.
4. Storage period
The data are erased as soon as they are no longer required for the purpose of their collection. For the personal data from the input mask of the contact form, this is the case once the data are no longer required for the processing of the establishment of contact and the mailing of product and other information. For the personal data sent by e-mail, this is the case once the relevant conversation with the user is ended. The conversation is ended once circumstances show that the relevant subject matter has been fully resolved.
The additional personal data collected during the submission process are erased after a period of seven days.
5. Objection and deletion
The user is able to withdraw his consent to the processing of the personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time; however, this makes it impossible to continue the conversation.
All personal data stored in the context of the establishment of contact will be erased in this case.
IX. USE OF PLUGINS AND ONLINE-SERVICES
USE OF MATOMO
1. Scope of personal data processing
We use the open source software tool Matomo on our website to analyse our users' surfing behaviour. The software places a cookie on the users' device (for more information on cookies, see "VI. Use of cookies"). When individual webpages are accessed on our website, the following data are stored:
(1) Two bytes of the IP address of the user’s accessing system
(2) The accessed website
(3) The website, from which the user has accessed our website (referrer)
(4) The sub-pages accessed from the accessed website
(5) The time spent on the website
(6) The frequency with which the website is accessed
The software runs exclusively on the servers of our website, and the personal data of the user are stored only there. For the purpose of analysis, our service providers commissioned with the maintenance and development of the website are also able to access the software and the data stored in it. The results of the analyses do not contain any personal data and are passed on within the group of undertakings (Assenagon Asset Management S.A. including its German branch, Assenagon GmbH und Assenagon Schweiz GmbH).
The software is configured to not store full IP addresses, but instead mask 2 bytes of the IP address ("Automatically Anonymise Visitor IPs", e.g.: 192.168.xxx.xxx). This prevents us from attributing the truncated IP address to the accessing device.
2. Legal basis for the processing of personal data
The legal basis for the processing of the personal data is Article 6 para. 1 sent. 1 lit. a GDPR.
3. Purpose of the data processing
The processing of the personal user data enables us to analyse the surfing behaviour of our users. Evaluating the resulting data enables us to compile information on the use of the individual components of our website. This helps us to continuously improve our website and to make it more user friendly. The interests of the users with regard to the protection of their personal data are sufficiently taken into account through the anonymisation of the IP address.
4. Storage period
The data are erased once they are no longer required for the purpose for which they were stored.
This is usually the case after five years.
5. Objection and deletion
Cookies are stored on the device of the user and transferred to our website. You as the user therefore have full control over the use of cookies. Regardless of the cookie settings that users can choose from on our website, you can deactivate or limit the transfer of cookies by changing the settings of your Internet browser. You can delete existing cookies at any time, and cookies can also be deleted automatically. If cookies are deactivated for our website, it will not be possible to access the further content of the website.
For further information on the privacy settings of the Matomo software, please visit: https://matomo.org/docs/privacy/
USE OF VIMEO
1. Scope of personal data processing
On our website, we use the Vimeo plugin from Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. When you visit our website, your browser will connect to the Vimeo servers in the US. Information about your visit to the website and your IP address will be forwarded to Vimeo. This occurs regardless of whether you have a Vimeo account and whether you are logged in to that account. If you are logged in, Vimeo may link the collected data to your account.
2. Legal basis for the processing of personal data
The legal basis for the processing of the personal data is Article 6 para. 1 sent. 1 lit. f GDPR.
3. Purpose of the data processing
The provision of the Vimeo plugin serves to improve the user friendliness of our website.
4. Storage period
We have no information about the duration of the storage.
5. Objection and deletion
For further information on the purpose and scope of the collection of data by Vimeo, please visit: vimeo.com/privacy
USE OF YOUTUBE
1. Scope of personal data processing
We embed YouTube videos on our website. This service is inactive when only essential cookies are selected, but it can be activated by the user. YouTube is a company based in the USA, but is subject to data protection rules in EU and EEA countries. For example, if you play an embedded YouTube video on a page of our website, general framework data such as your IP address may be transmitted to the social networks and platforms to YouTube through the embedding technology. We have no influence on how YouTube uses the data, they may in particular use it to create usage profiles. Please inform yourself about this directly at YouTube and adjust your privacy settings there.
2. Legal basis for the processing of personal data
The legal basis for the processing of the personal data is your consent pursuant to Article 6 para. 1 sent. 1 lit. a GDPR.
3. Purpose of the data processing
The provision of Youtube videos serves to improve the user friendliness of our website.
4. Storage period
We have no information about the duration of the storage.
5. Objection and deletion
For more information on the purpose and scope of possible data processing by Youtube and your related settings options for protecting your privacy, please refer to https://policies.google.com/privacy?hl=en
USE OF GOOGLE-FONTS
1. Scope of personal data processing
We use fonts on our website that are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When visiting our website, your browser establishes a connection with Google servers outside the European Union. In the process, your IP address and details of the website visited, browser and operating system are forwarded to Google. This happens regardless of whether you have a Google account and whether you are logged in to it. If you are logged in, Google can link the collected data with your account. The processing of the data is carried out by Google as the sole data controller. In this context, Google may store data about you in the USA.
2. Legal basis for the processing of personal data
The legal basis for the processing of the personal data is your consent pursuant to Article 6 para. 1 sent. 1 lit. a GDPR.
3. Purpose of the data processing
Google fonts are used for displaying texts and embedding YouTube videos. The fonts are characterized by good readability across a wide range of devices and device settings. They serve to improve the user friendliness of our site.
4. Storage period
We have no information about the duration of the storage.
5. Objection and deletion
For more information on the purpose and scope of possible data processing by Google and your related settings options for protecting your privacy, please refer to https://policies.google.com/privacy?hl=en