Data Protection Declaration
Version January 2024
I. General information
1. introductory remarks
With this privacy policy, PACK EASY AG (hereinafter "PACK EASY", "we" or "us") explains to its customers, users, business partners, applicants, authorities and other persons involved (hereinafter "you") how personal data is collected and processed in the company. Responsible handling of your personal data is very important to us.
You may only provide us with the personal data of third parties if you are authorized to do so and the personal data is correct. We ask you to ensure that the persons concerned are aware of this privacy policy.
In this privacy policy, we alternate between the masculine and feminine form. All other gender designations are also to be understood under the respective designation. We may amend this privacy policy at any time and without prior notice. The current version published on our website applies in each case.
2. responsible body
Responsible for the content of this privacy policy and for the data processing described is
PACK EASY AG
Hasliring 12
CH-6032 Emmen
Tel. + 41 41 269 80 88
E-Mail: customercare@packeasy.ch
3. representation for data protection issues in the EU
Insofar as our data processing falls within the scope of the GDPR, we have appointed the following representative in accordance with Art. 27 GDPR
Pack Easy Germany GmbH Wallbrunnstrasse 24
DE-79539 Lörrach
Germany
Tel. + 41 41 269 80 88
Email: customercare@packeasy.ch
4. terminology
For a better understanding, we would first like to clarify the most important terms used in this privacy policy. In this respect, we adhere to the definitions of the Swiss Data Protection Act.
- Personal data: all information relating to an identified or identifiable natural person.
- Data subjects: natural persons about whom data is processed;
- Processing: any handling of personal data, regardless of the means and procedures used, in particular the collection, storage, retention, use, modification, disclosure, archiving, erasure or destruction of data.
- Controller: a private individual or federal body that alone or jointly with others decides on the purpose and means of processing.
- Processor: a private person or federal body that processes personal data on behalf of the controller.
5 Legal basis
This Privacy Policy complies with the requirements of the Swiss Federal Act on Data Protection ("FADP") and the associated Ordinance ("DPO") as well as the General Data Protection Regulation of the European Union ("GDPR"). The type and scope of the applicable legislation depends on the individual case. Foreign data protection law is only applied insofar as this is mandatory under applicable law and only for the data processing processes and persons affected.
We comply with the applicable data protection regulations when processing personal data.
The processing of personal data must not unlawfully violate the personality of the persons concerned. For this reason, such data processing must comply with the processing principles of data protection law and/or must be legitimized by a justification. In particular, we are legitimized to process personal data if the processing
- is based on a legal basis. The processing of personal data may be required or legitimized by law (e.g. statutory retention obligations).
- is necessary for the performance of a contract with the data subject or for pre-contractual measures. The majority of the processing of personal data in our company takes place in the context of fulfilling contractual obligations (e.g. processing orders)
- is necessary for the protection of legitimate interests on our part or on the part of third parties. A legitimate interest on our part exists in particular if the processing of personal data takes place within the scope of the purposes stated in section 8 as well as the disclosure of data in accordance with section 10 and the associated objectives.
- is based on consent. If the processing of personal data is based on your consent, we will inform you of this separately and transparently. You can revoke your consent at any time with effect for the future using the functions provided for this purpose (e.g. unsubscribe link for newsletters) or by sending us a written message (see contact points in sections 2 and 3 above). After receiving your revocation, we will cease the data processing affected by this, unless we can base the processing on another justification.
- is necessary for compliance with domestic and foreign legal provisions.
6. categories of personal data
Depending on the products and services you use and the respective relationship between you and us, we process the following categories of personal data in particular:
- Master data: e.g.: Title, surname, first name, gender, date of birth, address and contact data such as address, telephone numbers, e-mail addresses, language, customer numbers, user names, financial information.
- Contract data: e.g. information regarding the initiation, conclusion, processing, administration and termination of contracts between you and us, information in connection with job applications [see also section 15 below], interaction history, financial and payment information such as creditworthiness, information in connection with the enforcement of claims, bank data.
- Communication data: e.g: Master data, contract data, communication content from written, electronic and verbal correspondence (incl. social media posts and messages, comments on websites etc.), information from surveys, information on time, place, type etc. of communication, proof of identity, marginal data.
- Behavioral and transaction data: e.g. in connection with the use of our website and our online store, with your visit to our locations, participation in events, competitions and surveys, the use of electronic communication channels.
- Technical data: e.g. IP addresses, device IDs, details of the devices and applications you use and their settings, the internet provider you use, user names, passwords [as hash values], information in connection with 2-factor authentication, log data, time and, if applicable, approximate location in connection with the use of our products and services.
- Marketing data: e.g. information on personal preferences and interests, subscriptions and unsubscriptions to newsletters, content of marketing correspondence.
7 Origin of the data
To a large extent, we collect personal data directly from you as the data subject. In particular, this includes master data, contract data, communication data and marketing data. Such personal data is collected as part of the initiation and processing of business relationships and the use of our products and services. If you provide us with data on other persons (e.g. family members, business colleagues, employees), you must ensure that you are authorized to do so and that the data is correct. In addition, the persons concerned must be informed of this privacy policy in advance.
We may also collect personal data about you ourselves or automatically or derive it from existing data.
This includes, in particular, behavioral and transaction data as well as technical data.
Finally, we also collect personal data from third parties insofar as this is permitted by law. Such third parties include, in particular, persons from your environment, business partners, insurance companies, banks, authorities, official bodies, courts, parties and their legal representatives in the context of legal disputes, etc. We may also collect personal data from public sources (e.g. credit agencies, social media).
8 Purposes of data processing
We process the data collected in order to fulfill our legal and contractual obligations towards you and third parties. This includes in particular the initiation (including contact requests), administration and processing of contractual relationships.
We also process the data collected to ensure communication with you, to provide and improve the products and services you have requested, to manage your use of and access to our products and services, to maintain our business relationship with you, to carry out advertising and marketing measures (insofar as we are authorized to do so, e.g. by obtaining your consent), to monitor and improve the performance of our offering, to enforce legal claims or defend ourselves against them, and to ensure the security of our products and services. to recognize, prevent or clarify illegal activities, to ensure compliance with laws and recommendations of domestic and foreign authorities as well as internal regulations ("compliance") and risk management, to generally guarantee our operations (in particular IT, website, etc.) and to ensure administrative processes (e.g. data archiving, accounting, master data maintenance, quality assurance).
9 Processing duration of personal data
We process your personal data for as long as we are legally obliged to do so (e.g. retention and archiving obligations) or our legitimate business interests require this (e.g. enforcement of or defense against claims, ensuring IT security) or as long as the purpose of collecting your data makes it necessary or the retention is technically required. In the case of contracts, data is generally stored for the duration of the contractual relationship and the statutory retention periods beyond this (generally 10 years).
pThis may mean that your personal data or extracts thereof must be stored for several years after the end of the contractual relationship between you and us. If your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymized as far as possible.
In certain cases, we may retain your personal data for longer - based on your consent (e.g. job applications that we have pending).
10 Disclosure of personal data to third parties
Where legally permissible and necessary, we may also disclose certain personal data to third parties as part of our business activities. These third parties process your personal data either on our behalf (processors), in joint responsibility with us or on their own responsibility. These include, among others
- our service providers, such as banks, insurance companies, IT providers, mail order companies, debt collection companies, credit agencies, cleaning companies, advertising service providers, lawyers, external consultants, trustees, etc.
- Business partners, such as sales partners, suppliers, etc.
- Domestic and foreign authorities, official bodies and courts
- Other parties in the context of administrative and court proceedings
- Parties involved in corporate transactions (e.g. purchase, sale or mergers of companies, business divisions, etc.)
- Other third parties who are necessary to achieve the purpose of the respective data processing
Where necessary, we have concluded corresponding order processing contracts with our service providers. In these contracts, they undertake to comply with data protection and data security regulations. Furthermore, they may only process personal data in accordance with our instructions. They also grant us comprehensive rights of inspection and control as well as rights of access, rectification and erasure.
11 Disclosure of personal data abroad
As a rule, we process and store personal data in Switzerland and the European Economic Area (EEA). In certain cases, however, we may also disclose personal data to service providers and recipients located outside this area or process personal data outside this area, in principle in any country in the world. In particular, you must expect personal data to be disclosed to all countries in which the service providers we use and their subcontractors are located (in particular the USA).
By taking appropriate measures, we ensure compliance with the legal requirements. Specifically, there is an adequacy decision by the competent authority. In the absence of such a decision, the transfer of personal data takes place on the basis of suitable guarantees (in particular standard contractual clauses approved by the European Commission and the Federal Data Protection and Information Commissioner [FDPIC]) or there are exceptions for certain situations (contract processing, legal enforcement abroad, etc.) or we obtain your express consent.
12. data security
To secure your data, we maintain technical and organizational security measures in accordance with the current state of the art.
Our website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. However, we would like to point out that even encrypted data transmission on the Internet always involves security risks. Complete protection of data against access by third parties cannot be guaranteed.
13. rights of data subjects
Provided that the requirements of the applicable data protection law are met and no statutory exceptions apply, you have the following rights in connection with the processing of your personal data:
- to receive information free of charge upon request as to whether and, if so, which personal data we process about you
- to have incorrect or incomplete personal data corrected
- to restrict the processing of your personal data
- to blocking of your personal data - to erasure or anonymization of your personal data
- to data portability
- to withdraw your consent to the processing of your personal data with effect for the future
- to object to the processing of your personal data.
Please note that these rights may be restricted or excluded in specific individual cases (e.g. to protect third parties or business secrets).
To assert your rights as a data subject or if you have any questions about this privacy policy and the processing procedures described therein, you can contact the offices listed in sections 2 and 3 above.
If you believe that your data has been processed unlawfully, we would be grateful if you could contact us directly. Alternatively, you can lodge a complaint with the supervisory authority responsible for you. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC). In the EU, the complaint must be submitted to the respective national data protection authority.
II Supplementary information in connection with selected data processing operations
14. processing of personal data in the context of the use of our website, our online store and the services offered on it
14.1 Hosting
To operate our online store and our website, we use the online platform of the service provider Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter "Shopify"), for the purpose of hosting and displaying the online store. All data collected on our website is processed on Shopify's servers.
In particular, the hosting provider stores master data, contract data, communication data, behavioral data, transaction data and technical data that are transmitted or automatically generated by you when you use our website or place orders via our website.
As part of the use of Shopify's services, Shopify may transfer data to the USA and Canada. Canada has an adequacy decision in terms of data protection (from the perspective of both Switzerland and the EU). Insofar as the disclosure of data to the USA cannot be legitimized by an adequacy decision, such disclosure will be secured by including the standard contractual clauses approved by the competent authorities.
Further information on Shopify's data protection can be found on the following website: https://www.shopify.de/legal/datenschutz.
Within the scope of the GDPR, the associated processing of your personal data is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in the provision of a user-friendly and modern online store and an appealing website. The website and online store must be coordinated with each other, which can be achieved with two-sided hosting or operation via Spotify.
14.2 Log files
When you access our website, information of a general nature is automatically collected by means of a cookie. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider and similar. This is exclusively information that does not allow any conclusions to be drawn about your person.
This information is technically necessary in order to correctly deliver the website content you have requested and is mandatory when using the Internet. It is processed for the following purposes in particular:
- Ensuring a smooth connection to the website,
- Ensuring the smooth use of our website,
- evaluating system security and stability and
- for other administrative purposes.
We do not use your data to draw conclusions about your person. Recipients of the data are only the controller and, if applicable, processors. Anonymous information of this kind may be statistically evaluated by us in order to optimize our website and the technology behind it.
Within the scope of the GDPR, the associated processing of your personal data is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in accordance with the aforementioned purposes.
14.3 Cookies
When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters that can be used to assign websites and servers to the specific Internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.
Through the use of session cookies, the controller can provide the users of this website with a user-friendly service that would not be possible without the setting of cookies. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.
We only use personal cookies to improve our website or for marketing/advertising purposes with your consent. On your first visit, you can voluntarily consent to tracking or analysis via the cookie banner that appears. Your data may be passed on to partners or third-party providers. Only if you explicitly consent to this will these cookies be stored; the legal basis is then your consent in accordance with Art. 6 para. 1 lit. a GDPR.
14.4 Tracking tools
Our website uses Google Analytics, Google Maps, Google Fonts, Google Ads, Google Remarketing and Google Tag Manager from Google Inc. For the European region, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services (hereinafter "Google").
In addition to the following explanations, you will find further information on data protection at Google in the Google data protection declaration: https://policies.google.com/privacy.
We have concluded a data processing agreement with Google.
Within the scope of the GDPR, this data is processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in an appealing website and in increasing our reach or on the basis of your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time with effect for the future.
Google Analytics
We use functions of the web analysis service Google Analytics on our website. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site (see section 14.3 above). The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, due to the activation of IP anonymization on these websites, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and Switzerland. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
The purpose of data processing is to evaluate the use of the website and to compile reports on website activity. Based on the use of the website and the Internet, further associated services are then to be provided. The processing is based on the legitimate interest of the website operator.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: Browser Add On to deactivate Google Analytics.
In addition or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by clicking on this link. This will install an opt-out cookie on your device. This will prevent Google Analytics from collecting data for this website and for this browser in the future as long as the cookie remains installed in your browser.
You can find more information on how Google Analytics handles user data in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.
Google Maps
We use Google Maps on our website to display interactive maps and to provide directions. When you access a web page on our website that has integrated Google Maps, your browser establishes a connection with the Google servers. In addition, Google Maps sets cookies (see above under section 14.2). By using Google Maps, various information (e.g. IP address, addresses entered, date and time of the website visit) can be transmitted to Google servers in the USA.
You can find more information about data processing by Google here: https://policies.google.com/privacy?hl=de. You can also change your personal data protection settings there in the data protection center. Detailed instructions on managing your own data in connection with Google products can be found here.
You can find general information about Google Maps at: https://www.google.com/intl/de/maps/about/#!/.
Google Fonts
We do not use Google Fonts on our website for the uniform display of fonts.
Google Ads
We use the advertising tool Google Ads and the associated Google conversion tracking to advertise our website and services. If you have reached our website via an ad placed by Google, a cookie will be set on your computer. The cookie for conversion tracking is set when a user clicks on an ad placed by Google. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies can therefore not be tracked via the websites of Ads customers. The information collected using the conversion cookie is used to generate conversion statistics for Ads customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.
If you do not wish to participate in tracking, you can refuse the setting of a cookie required for this - for example, by using a browser setting that generally deactivates the automatic setting of cookies (see section 14.3 above) or by setting your browser to block cookies from the domain "googleleadservices.com".
Please note that you may not delete the opt-out cookies as long as you do not wish measurement data to be recorded. If you have deleted all your cookies in the browser, you must set the respective opt-out cookie again.
Google Remarketing
We use the Google Remarketing function on our website. This function is used to present interest-based advertisements to website visitors within the Google advertising network. A so-called "cookie" is stored in the browser of the website visitor (see the above explanations under section 14.3), which makes it possible to recognize the visitor when he or she visits websites that belong to the Google advertising network. On these pages, the visitor can be presented with advertisements that relate to content that the visitor has previously accessed on websites that use Google's remarketing function.
According to its own information, Google does not collect any personal data during this process. However, if you do not wish to use Google's remarketing function, you can deactivate it by making the appropriate settings at http://www.google.com/settings/ads. Alternatively, you can deactivate the use of cookies for interest-based advertising via the advertising network initiative by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp.
Google Tag Manager
We use Google Tag Manager for the central integration and management of website tags. Website tags are code snippets from e.g. GoogleAds or Google Analytics, with which we can track and trace activities on our website. Google Tag Manager allows us to manage website tags efficiently and effectively. You can find more information about Google Tag Manager at: https://tagmanager.google.com/.
14.5 Embedded YouTube videos
We embed YouTube videos on some of our websites. The operator of these pages is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in extended data protection mode, which, according to YouTube, only initiates the storage of user information when the video is played. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode.
As soon as you start a YouTube video on our website, a connection is established to YouTube's servers (possibly also in the USA). In this context, YouTube learns which of our pages you have visited. If you are logged into your YouTube account, you also enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, after starting a video, YouTube can store various cookies on your end device or use comparable recognition technologies (e.g. device fingerprinting) (see above under section 14.3). In this way, YouTube can obtain information about you. According to YouTube, this serves, among other things, to record video statistics, improve user-friendliness and prevent abusive behavior.
If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no influence.
We have concluded an order processing contract with Google.
Further information about data protection at YouTube can be found in their privacy policy at: https://www.google.de/intl/de/policies/privacy/.
Within the scope of the GDPR, this data is processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in an appealing website or based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time with effect for the future.
14.6 Registration on our website
When registering for the use of our personalized services, some personal data is collected, such as name, address, contact and communication data such as telephone number and e-mail address. If you are registered with us, you can access content and services that we only offer to registered users. Registered users also have the option of changing or deleting the data provided during registration at any time. Of course, we will also provide you with information about the personal data we have stored about you at any time. We will also be happy to correct or delete this data at your request, provided there are no statutory retention obligations to the contrary. To contact us in this regard, please use the contact details provided in sections 2 and 3 above.
Within the scope of the GDPR, the associated processing of your personal data is carried out either for the purpose of initiating and fulfilling a contract (Art. 6 para. 1 lit. b GDPR) or based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in providing a user-friendly and modern online store and an appealing website or based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be withdrawn at any time with effect for the future.
14.7 Newsletter
On our website, we offer you the opportunity to subscribe to our newsletter, which we use to inform you about our services at regular intervals.
To send you the newsletter, we need your e-mail address and information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. This data is used exclusively for sending the newsletter.
We use the so-called double opt-in procedure to register for the newsletter. After registering, you will receive an e-mail in which we ask you to confirm your registration. Subscriptions to the newsletter are logged.
This includes storing the time of registration and confirmation as well as the IP address. Any changes to your stored data are also logged.
You can revoke your consent to the storage of your personal data and its use for sending the newsletter at any time. There is a corresponding link in every newsletter.
We use the services of Klaviyo, Inc, 125 Summer Street, Floor 6, Boston, MA, 02110, United States, to process, send and analyze the newsletter. You can find more information about Klaviyo's privacy policy here: https://www.klaviyo.com/legal/privacy.
We have concluded an order processing contract with Klaviyo.
Within the scope of the GDPR, the associated processing of your personal data is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in providing appropriate information to our existing customers or based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time with effect for the future.
14.8 Comment function
When users leave comments on our website, the time they were created and the user name previously selected by the website visitor are stored in addition to this information. This is for our security, as we can be prosecuted for illegal content on our website, even if it was created by users.
Within the scope of the GDPR, the associated processing of your personal data is based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time with effect for the future.
14.9 Contact form
If you contact us with questions of any kind by e-mail or contact form, you give us your voluntary consent for the purpose of contacting you. This requires you to provide a valid e-mail address. This is used to assign the request and subsequently answer it. The provision of further data is optional. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions. Once your inquiry has been dealt with, your associated personal data will be automatically deleted, unless there is a justification for further storage.
Within the scope of the GDPR, the associated processing of your personal data is carried out either for the purpose of initiating and fulfilling a contract (Art. 6 para. 1 lit. b GDPR) or based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in processing the inquiries addressed to us or based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be withdrawn at any time with effect for the future.
15 Processing of personal data of applicants
We accept applications by post, e-mail or contact form. If necessary, we also work with other external partners (e.g. job portals and recruitment agencies). Please also note the data protection notices of these partners. This includes Professional.ch in particular. The provider is Yousty AG, Limmatstrasse 21, 8005 Zurich. You can find their privacy policy here: https://www.professional.ch/datenschutz.
We treat your data as strictly confidential. Your personal data will only be passed on within our company to persons who are entrusted with processing your application.
We process the personal data sent to us as part of your application and the personal data collected during the application process, insofar as this is necessary for the decision on the conclusion and execution of an employment contract. This includes
Master data (surname, first name, address, contact details, date of birth, marital status, etc.) - Information about your educational, professional and personal qualifications - Information that we have collected as part of the application process (e.g. as part of assessments) - Other information that you have sent to us in connection with your application.
We process your personal data in this regard for as long as this is necessary for the decision on your application. They will be deleted a maximum of six months after the end of the application process, unless longer storage is legally required or permitted or you have not consented to longer storage.
If an employment relationship is established following the application procedure, your application documents will be transferred to your personnel file.
16 Processing of personal data in the context of interaction with our social media channels
16.1 General information
We maintain the publicly accessible profiles in social networks listed below. You will find graphics linked to the respective networks on our platform. By clicking on a corresponding graphic, you will be redirected to the selected social network. After forwarding, the network collects and processes your information in the following context.
When you visit our profiles on the social networks, personal data about you may be collected. For example, if you are logged into your social network accounts and visit our profile at the same time, the portal operator may be able to assign this visit to your user account. However, even if you have logged out of your account or if you do not have an account with the respective portal, your personal data may be collected. Such data can be collected, for example, by setting cookies or web beacons. Based on the data collected in this way, the portal operators can create user profiles and show you interest-based advertising. Further information on this can be found in the respective data protection declarations of the portal operators.
The purpose and scope of the data collection and the further processing and use of the data by the respective social network as well as your rights in this regard and setting options to protect your privacy can be found in the relevant data protection regulations of the respective social network.
Within the scope of the GDPR, social networks are used in the interest of an appealing presentation of our online offers, to increase our reach and to promote our products and services. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time with effect for the future.
16.2 Facebook
We use selected tools from Facebook (e.g. Facebook fan page, Meta Business Suite). The provider of these tools is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.
With the help of these tools, we want to optimize the customer experience by only showing our services and products to those people who are interested in them. To this end, Facebook collects certain information about visitors to our website and social media platforms. Based on this, we receive analyses regarding the way our website, services and products are used.
You can object to receiving advertising tailored to you via this link: www.facebook.com/settings?tab=ads.
Facebook and we are considered jointly responsible for certain data processing (e.g. Facebook fan page, Page Insights, etc.). Where necessary, we have therefore entered into appropriate agreements with Facebook to regulate the rights and obligations of both parties as joint controllers (see www.facebook.com/legal/terms/page_controlle r_addendum). Further information on data protection at Facebook can be found here: https://www.facebook.com/policy.php.
16.3 Instagram
We use functions of the Instagram service. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. If you have a user account with Instagram, you can interact with us via Instagram. As part of this interaction, we process the personal data you provide. Further information on data protection at Instagram can be found here: https://instagram.com/about/legal/privacy/.
16.4 YouTube
We maintain a profile on YouTube and can also use it to embed videos on our website or our apps. The operator of the pages is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Further information on the use of YouTube can be found in section 14.5 above.
16.5 TikTok
We use functions and services of the TikTok service. This also includes the TikTok pixel tool for the purpose of conversion tracking for advertisers. The provider is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. If you have a user account with TikTok, you can interact with us via TikTok. As part of this interaction, we process the personal data you provide. TikTok processes various visitor data (e.g. IP address, end device information, advertising ID, usage behavior). The information collected may also be made available to us in the form of statistical evaluations (e.g. number of profile views, information on followers, information on our videos). Further information on data protection at TikTok can be found here: https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE.
16.6 LinkedIn
We maintain a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. You can find more information on how LinkedIn handles your personal data in its privacy policy: https://www.linkedin.com/legal/privacy-policy. LinkedIn uses advertising cookies. If you wish to deactivate them, please follow this link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
16.7 Google My Business
We use Google My business from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). When you visit and interact with our Google My Business entry, Google also records your IP address and other information that is collected in the form of cookies on your device. This information is collected for statistical purposes. The data collected about you in this context is processed by Google and may also be transferred to the USA. Further information can be found in the Google privacy policy: https://policies.google.com/privacy.