Privacy policy

1) Introduction and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data is any data with which you can be personally identified.

1.2 The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is subtel GmbH, Mainzer Str. 3, 10247 Berlin, Deutschland, Tel.: +49-(0)30-8020899-50, Fax: +49-(0)30 8020899-69, E-Mail: info@subtel.de. The controller responsible for the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

1.3 The controller has appointed a Data Protection Officer, who can be reached as follows: "Jan Eichelmann, Mainzer Str. 3, 10247 Berlin"

2) Data Collection When Visiting Our Website

2.1 When using our website for informational purposes only, i.e. when you do not register or otherwise transmit information to us, we only collect the data that your browser transmits to the page server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time at the moment of access
Amount of data sent in bytes
Source/reference from which you reached the page
Browser used
Operating system used
IP address used (if applicable: in anonymized form)
The processing is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to retrospectively check the server log files if there are concrete indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser line.

3) Hosting & Content Delivery Network

Bunny.net

We use a Content Delivery Network of the following provider: BunnyWay d.o.o., Cesta komandanta Staneta 4A, 1215 Medvode, Slowenien

This service enables us to deliver large media files such as graphics, page content, or scripts more quickly via a network of regionally distributed servers. The processing is carried out to safeguard our legitimate interest in improving the stability and functionality of our website pursuant to Art. 6(1)(f) GDPR. We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

The provider is based in the European Union (Slovenia), so that a transfer of personal data to third countries generally does not take place. Insofar as the provider processes data via edge servers outside the EEA, this is done on the basis of Standard Contractual Clauses of the European Commission.

4) Cookies

To make the visit to our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your end device. Some of these cookies are automatically deleted after you close the browser (so-called "session cookies"), while others remain on your end device for a longer period and allow the storage of page settings (so-called "persistent cookies"). In the latter case, you can check the storage duration in the cookie settings overview of your web browser.

If personal data is also processed by individual cookies that we use, the processing is carried out pursuant to Art. 6(1)(b) GDPR either for the performance of the contract, pursuant to Art. 6(1)(a) GDPR in the case of consent given, or pursuant to Art. 6(1)(f) GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the website visit.

Insofar as cookies that are not strictly necessary for the provision of the service are stored on your end device or information on your end device is accessed, this is done on the basis of your consent pursuant to Section 25(1) TDDDG (Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz) in conjunction with Art. 6(1)(a) GDPR. Technically necessary cookies are set on the basis of Section 25(2) No. 2 TDDDG in conjunction with Art. 6(1)(f) GDPR.

You can configure your browser so that you are informed about the setting of cookies and can individually decide whether to accept them, or you can exclude the acceptance of cookies for certain cases or in general. You can revoke or adjust your consent at any time via the cookie consent tool provided on the website.

Please note that if cookies are not accepted, the functionality of our website may be limited.

5) Contact

5.1 Trustpilot

For review reminders, we use the services of the following provider: Trustpilot A/S, Pilestrӕde 58, 1112 Kopenhagen, Dänemark

Exclusively on the basis of your express consent pursuant to Art. 6(1)(a) GDPR, we transmit your email address and, if applicable, other customer data to the provider so that they can contact you with a review reminder by email.

You can revoke your consent at any time with effect for the future towards us or the provider.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

5.2 When contacting us (e.g. via contact form or email), personal data is processed -- solely for the purpose of handling and responding to your inquiry and only to the extent necessary for this purpose.

The legal basis for the processing of this data is our legitimate interest in responding to your inquiry pursuant to Art. 6(1)(f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6(1)(b) GDPR. Your data will be deleted when it can be inferred from the circumstances that the matter in question has been conclusively resolved, provided that no statutory retention obligations apply.

6) Data Processing When Opening a Customer Account

Pursuant to Art. 6(1)(b) GDPR, personal data will continue to be collected and processed to the extent necessary if you provide it to us when opening a customer account. Which data is required for opening an account can be found in the input form of the corresponding form on our website.

Deletion of your customer account is possible at any time and can be carried out by sending a message to the above-mentioned address of the controller. After deletion of your customer account, your data will be deleted, provided that all contracts concluded through it have been fully processed, no statutory retention periods apply, and there is no legitimate interest on our part in further storage.

7) Data Processing for Order Fulfillment

7.1 Insofar as necessary for contract fulfillment for delivery and payment purposes, the personal data collected by us will be passed on pursuant to Art. 6(1)(b) GDPR to the commissioned transport company and the commissioned credit institution.

If we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we process the contact data you provided when placing the order (name, address, email address) in order to personally inform you about upcoming updates within the legally required period via a suitable communication channel (e.g. by post or email) in accordance with our statutory information obligations pursuant to Art. 6(1)(c) GDPR. Your contact data is used strictly for the purpose of notifications about updates owed by us and is only processed by us to the extent necessary for the respective information.

To process your order, we also work with the following service provider(s), who support us in whole or in part in the performance of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

7.2 Disclosure of personal data to shipping service providers

- Deutsche Post

As a transport service provider, we use the following provider: Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, Deutschland

We pass on your email address and/or telephone number to the provider pursuant to Art. 6(1)(a) GDPR before delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, provided that you have given your express consent in the ordering process. Otherwise, we only pass on the recipient's name and delivery address to the provider pursuant to Art. 6(1)(b) GDPR for the purpose of delivery. The disclosure only takes place insofar as it is necessary for the delivery of goods. In this case, prior coordination of the delivery date with the provider or delivery notification is not possible.

Consent can be revoked at any time with effect for the future towards the above-mentioned controller or towards the provider.
- DHL

As a transport service provider, we use the following provider: DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Deutschland

Consent can be revoked at any time with effect for the future towards the above-mentioned controller or towards the provider.
- DPD

As a transport service provider, we use the following provider: DPD Deutschland GmbH, Wailandtstraße 1, 63741 Aschaffenburg, Deutschland

Consent can be revoked at any time with effect for the future towards the above-mentioned controller or towards the provider.

7.3 Use of payment service providers (payment services)

- Adyen

One or more online payment methods of the following provider are available on this website: Adyen, Simon Carmiggeltstraat 6 - 50, 1011 DJ Amsterdam, Niederlande

When selecting a payment method of the provider in which you make an advance payment (e.g. credit card payment), payment data provided by you during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider pursuant to Art. 6(1)(b) GDPR. Your data is disclosed in this case exclusively for the purpose of payment processing with the provider and only to the extent that it is necessary for this purpose.

8) Web Analytics Services

Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland ("Google"), which enables an analysis of your use of our website.

By default, when visiting the website, Google Analytics 4 sets cookies that are stored as small text snippets on your end device and collect certain information. The scope of this information also includes your IP address, which is, however, shortened by Google by the last digits to exclude direct personal identification.

The information is transmitted to Google servers and processed there. Transfers to Google LLC based in the USA are also possible.

Google uses the collected information on our behalf to evaluate your use of the website, to compile reports on website activities for us, and to provide further services related to website use and internet use. The IP address transmitted and shortened by your browser within the scope of Google Analytics will not be merged with other Google data. The data collected within the scope of Google Analytics 4 is stored for a period of two months and subsequently deleted.

All the processing operations described above, in particular the setting of cookies on the end device used, are only carried out if you have given us your express consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.
Without your consent, Google Analytics 4 will not be used during your visit to the website. You can revoke your consent at any time with effect for the future. To exercise your right of withdrawal, please deactivate this service via the "cookie consent tool" provided on the website.

We have concluded a data processing agreement with Google that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

Further legal information on Google Analytics 4 can be found at https://business.safety.google/intl/de/privacy/, https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites

Demographic characteristics
Google Analytics 4 uses the special "demographic characteristics" function and can generate statistics that make statements about the age, gender, and interests of website visitors. This is done through the analysis of advertising and information from third-party providers. This allows target groups for marketing activities to be identified. However, the collected data cannot be attributed to a specific person and is deleted after a storage period of two months.

Google Signals
As an extension to Google Analytics 4, Google Signals can be used on this website to generate cross-device reports. If you have activated personalized ads and linked your devices to your Google account, Google can, subject to your consent to the use of Google Analytics pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR, analyze your usage behavior across devices and create database models, including cross-device conversions. We do not receive personal data from Google, but only statistics. If you wish to stop the cross-device analysis, you can deactivate the "Personalized advertising" function in your Google account settings. To do so, follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de Further information about Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de

UserIDs
As an extension to Google Analytics 4, the "UserIDs" function can be used on this website. If you have consented to the use of Google Analytics 4 pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR, have set up an account on this website, and log in to this account on different devices, your activities, including conversions, can be analyzed across devices.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, on the basis of an adequacy decision by the European Commission, ensures compliance with the European level of data protection. In addition, Standard Contractual Clauses of the European Commission exist as an additional safeguard.

9) Retargeting/ Remarketing and Conversion Tracking

9.1 Google Ads Conversion Tracking

This website uses the online advertising program "Google Ads" and, within the scope of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland ("Google").

We use the Google Ads service to draw attention to our attractive offers on external websites with the help of advertising materials (so-called Google Adwords). In relation to the advertising campaign data, we can determine how successful the individual advertising measures are. Our aim is to display advertising that is of interest to you, to make our website more interesting for you, and to achieve a fair calculation of advertising costs incurred.

The conversion tracking cookie is set when a user clicks on a Google Ads advertisement. Cookies are small text files that are stored on your end device. These cookies usually expire after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies therefore cannot be tracked across the websites of Google Ads customers. The information obtained using the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that could be used to personally identify users.

In the course of using Google Ads, personal data may also be transmitted to the servers of Google LLC. in the USA.

Details on the processing operations initiated by Google Ads Conversion Tracking and on Google's handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites

All the processing operations described above, in particular the setting of cookies for reading information on the end device used, are only carried out if you have given us your express consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "cookie consent tool" provided on the website.

You can also permanently object to the setting of cookies by Google Ads Conversion Tracking by downloading and installing the Google browser plug-in available at the following link:
https://www.google.com/settings/ads/plugin?hl=de

In order to address users whose data we have received in the context of business or business-like relationships with even more relevant advertising, we use a customer matching function within Google Ads. For this purpose, we transmit one or more files with aggregated customer data (primarily email addresses and telephone numbers) to Google electronically. Google does not receive access to plain data, but automatically encrypts the information in the customer files during the transmission process using a special algorithm. The encrypted information can then only be used by Google to match it with existing Google accounts that the data subjects have set up. This enables the delivery of personalized advertising across all Google services linked to the respective Google account.

The transmission of customer data to Google is carried out exclusively if you have given us your express consent pursuant to Art. 6(1)(a) GDPR. You can revoke this consent towards us at any time with effect for the future. Further information on Google's data protection measures regarding the customer matching function can be found here: https://support.google.com/google-ads/answer/6334160?hl=de&ref_topic=10550182
Google's privacy policy can be viewed here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, on the basis of an adequacy decision by the European Commission, ensures compliance with the European level of data protection. In addition, Standard Contractual Clauses of the European Commission exist as an additional safeguard.

9.2 Microsoft Advertising (Bing Ads) Conversion Tracking

This website uses the conversion tracking of Microsoft Advertising (formerly Bing Ads) of the following provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Irland

Microsoft Advertising sets a cookie on your end device when you have reached our website via a Microsoft Bing advertisement. In this way, Microsoft and we can recognize that someone clicked on an advertisement, was redirected to our website, and reached a predetermined target page (so-called "conversion page"). We only learn the total number of users who clicked on a Bing advertisement and were then redirected to the conversion page. No personal information regarding the identity of the user is communicated. Transfers to servers of Microsoft Corporation in the USA may also take place.

All the processing operations described above, in particular the setting of cookies on the end device used, are only carried out if you have given us your express consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "cookie consent tool" provided on the website.

Further information on data protection at Microsoft can be found at: https://privacy.microsoft.com/de-de/privacystatement

9.3 Meta Pixel (Facebook Pixel)

On our website, we use the so-called "Meta Pixel" (formerly "Facebook Pixel") of the following provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland ("Meta")

With the help of the Meta Pixel, it is possible for Meta to determine the visitors of our online offering as a target group for the display of advertisements (so-called "Meta Ads"). Accordingly, we use the Meta Pixel to display the Meta Ads placed by us only to those users on Meta and within the services of partners cooperating with Meta (so-called "Audience Network") who have also shown an interest in our online offering or who exhibit certain characteristics (e.g. interests in certain topics or products determined by the websites visited) that we transmit to Meta (so-called "Custom Audiences"). With the help of the Meta Pixel, we also want to ensure that our Meta Ads correspond to the potential interest of users and do not have a harassing effect. Furthermore, we can track the effectiveness of Meta advertisements for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Meta advertisement (so-called "conversion tracking").

When using the Meta Pixel, data (including IP address, information about the web browser, location information, device ID, and date and time of the page visit) is transmitted to Meta servers. Transfers to Meta Platforms Inc. based in the USA are also possible.

All the processing operations described above, in particular the setting of cookies on the end device used, are only carried out if you have given us your express consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "cookie consent tool" provided on the website.

Insofar as personal data is collected on our website and forwarded to Meta with the help of the procedure described here, we and Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Meta. The processing by Meta that takes place after the transfer is not part of the joint responsibility. The obligations incumbent upon us jointly have been set out in an agreement on joint processing. The agreement can be found at https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Meta tool and for the data-protection-compliant implementation of the tool on our website. Meta is responsible for the data security of Meta products. Data subject rights (e.g. requests for information) regarding data processed by Meta can be asserted directly with Meta. If you assert data subject rights with us, we are obligated to forward them to Meta.

Further information on data protection at Meta can be found at: https://www.facebook.com/privacy/policy/

10) Website Functionality

10.1 Google reCAPTCHA

On our website, we use the Google reCAPTCHA service of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland

In addition to a transfer of data to the above-mentioned provider location, data may also be transferred to: Google LLC, USA

This service enables us to check whether an input on our website (e.g. in a contact form, during registration or login) is made by a human or abusively by automated, machine processing. For this purpose, Google reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the page protected by reCAPTCHA. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website, mouse movements). The data collected during the analysis is forwarded to Google.

All the processing operations described above, in particular the reading or storage of information on the user's end device, are only carried out if you have given us your express consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service via the "cookie consent tool" provided on the website.

Further information on Google reCAPTCHA and Google's privacy policy can be found at: https://policies.google.com/privacy?hl=de

10.2 Google Sign-In

On our website, we provide a single sign-on function of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland

In addition to a transfer of data to the above-mentioned provider location, data may also be transferred to: Google LLC, USA

If you have an account with the provider, you can use these account credentials to register or create a user account on our website.

When visiting this page, a direct connection between your browser and the provider's servers may be established via this login function, even if you do not have an account with the provider or are not logged in to one. The provider thereby receives the information that you have visited our website. The information collected in this regard (possibly including your IP address) is transmitted directly from your browser to a server of the provider and stored there. However, the information is not used to personally identify you and is not passed on to third parties.

These data processing operations are carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in a user-friendly and interactive design of our online presence.

If you click the login button to register on our website with your provider account credentials, the provider transmits the general and publicly accessible information stored in your account (user ID, name, address, email address, age, and gender) to us exclusively on the basis of your express consent pursuant to Art. 6(1)(a) GDPR.

We store and use the data transmitted by the provider to set up a user account with the necessary data (salutation, first name, last name, address data, country, email address, date of birth), provided that you have released this data to the provider. Conversely, on the basis of your consent, data (e.g. information about your browsing or purchasing behavior) may be transferred from us to your account with the provider.

The consent given can be revoked at any time with effect for the future towards us.

Further information on data protection at Google can be found here: https://business.safety.google/intl/de/privacy/

10.3 Google Web Fonts

This site uses so-called web fonts of the following provider for the uniform display of fonts: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland

When you access a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly and establishes a direct connection to the provider's servers. In this process, certain browser information, including your IP address, is transmitted to the provider.

Data may also be transferred to: Google LLC, USA

The processing of personal data in the course of establishing a connection with the font provider is only carried out if you have given us your express consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service via the "cookie consent tool" provided on the website. If your browser does not support web fonts, a standard font from your computer will be used.

Further information on Google's privacy policy can be found here: https://business.safety.google/intl/de/privacy/

11) Rights of the Data Subject

11.1 The applicable data protection law grants you the following data subject rights (rights of access and intervention) vis-a-vis the controller with regard to the processing of your personal data, whereby reference is made to the cited legal basis for the respective exercise requirements:

Right of access pursuant to Art. 15 GDPR;
Right to rectification pursuant to Art. 16 GDPR;
Right to erasure pursuant to Art. 17 GDPR;
Right to restriction of processing pursuant to Art. 18 GDPR;
Right to notification pursuant to Art. 19 GDPR;
Right to data portability pursuant to Art. 20 GDPR;
Right to withdraw consent pursuant to Art. 7(3) GDPR;
Right to lodge a complaint pursuant to Art. 77 GDPR.

11.2 The competent supervisory authority for data protection complaints is:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin
Telefon: +49 30 13889-0
E-Mail: mailbox@datenschutz-berlin.de
Website: https://www.datenschutz-berlin.de

11.3 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA CONCERNED. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FUNDAMENTAL FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. YOU MAY EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

12) Automated Decision-Making

Automated decision-making including profiling pursuant to Art. 22(1) and (4) GDPR does not take place. Insofar as we use profiling for advertising purposes within the scope of the services described above (e.g. Google Analytics 4 with demographic characteristics, Google Ads Customer Match), this serves exclusively for the targeted delivery of advertising. No decisions are made that produce legal effects concerning you or similarly significantly affect you.

13) Duration of Storage of Personal Data

The duration of storage of personal data is determined by the respective legal basis, the processing purpose, and -- where applicable -- additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law).

When personal data is processed on the basis of express consent pursuant to Art. 6(1)(a) GDPR, the data concerned is stored until you revoke your consent.

If statutory retention periods exist for data processed on the basis of Art. 6(1)(b) GDPR in the context of legal or quasi-legal obligations, this data is routinely deleted after the retention periods have expired, provided that it is no longer required for contract fulfillment or contract initiation and/or there is no legitimate interest on our part in further storage.

When personal data is processed on the basis of Art. 6(1)(f) GDPR, this data is stored until you exercise your right to object pursuant to Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

When personal data is processed for the purpose of direct marketing on the basis of Art. 6(1)(f) GDPR, this data is stored until you exercise your right to object pursuant to Art. 21(2) GDPR.

Unless otherwise stated in the other information in this declaration regarding specific processing situations, stored personal data will be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.