Privacy policy

1. Data protection at a glance

General information

The following information gives a basic overview of what happens to your personal data when you visit this website. Personal data is all data with which you can be personally identified. You can find extensive information on data protection in the following privacy policy.

Data collection on this website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find the controller’s contact details in the “information about the controller” section of this privacy policy.

How do we collect your data?

On the one hand, your data is collected when you transmit it to us. This may apply e.g. to data you enter in a contact form.
Other data is collected automatically or with your consent by our IT systems when you visit the website. This especially includes technical data, (e.g. Internet browser, operating system or time of page view). This data is collected automatically as soon as you access this website.

What do we use your data for?

One portion of the data is collected in order to ensure the faultless provision of the website. Other data may be used to analyse your user behaviour.

What are your rights regarding your data?

You have the right at any time to obtain information about the origin, recipients and purpose of the storage of your personal data. You also have the right to the rectification or erasure of this data. If you have consented to data processing, you may withdraw this consent at any time with future effect. Furthermore, you have the right, under specific circumstances, to demand the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.


Please contact us at any time if you have any further questions about this or other data protection issues.

Analytics tools and third-party tools

When you visit this website your surfing behaviour may be statistically evaluated. This is primarily done using so-called analytics programs.


You can find detailed information on these analytics programs in the following privacy policy.

2. Hosting und Content Delivery Networks (CDN)

External hosting

This website is hosted by an external service provider (host). The personal data that is collected on this website is stored on the host’s servers. This may include IP addresses, contact requests, metadata, communications data, contractual data, names, website access logs and other data generated through the use of a website.


The host is used for the purpose of contract fulfilment towards our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of online services by a professional provider (Art. 6 para. 1 lit. f GDPR).
Our host will only process your data to the extent required to render their services and will follow our instructions with regard to this data.

We use the following host:

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany

Conclusion of a contract regarding data processing

To ensure that processing complies with data protection laws, we have concluded a data processing contract with our host.

3. General notes and mandatory information

Data protection

The operator of these sites takes the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with the legal data protection requirements and this privacy policy.

If you use this website, various forms of personal data will be collected. Personal data is data with which you can be personally identified. The following privacy policy explains which data we collect and what we use it for. It also explains how and for what purposes this occurs.

We would like to point out that data transmission via the Internet (e.g. when communicating by email) may be vulnerable to security breaches. Absolute protection of the data against access by third parties is not possible.

Information about the controller

The data controller for this website is:

A. Eberle GmbH & Co. KG
Frankenstraße 160
90461 Nürnberg, Deutschland

Tel.: +49 911 628108-0
E-Mail: info(at)a-eberle.de

The controller is the natural or legal person who, alone or with others, decides the purposes and means of processing of personal data (e.g. names, email addresses or similar).

Storage period

If no specific storage period has been specified in this privacy policy, we will store your personal data until the purpose for which it was collected no longer applies. If you assert a justified request to have your data erased or withdraw your consent to data processing, your data will be erased unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be erased once these reasons no longer apply.

Legally required data protection officer

We have appointed a data protection officer for our company.

Jürgen Krauß
Frankenstraße 160
90461 Nürnberg, Deutschland


E-Mail: juergen.krauss(at)a-eberle.de

Information on data transfer to the USA

Tools offered by companies headquartered in the USA are embedded in our website. If these tools are active, your personal data may be transferred to the respective company’s servers located in the USA. We point out that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to disclose personal data to security authorities without you as a data subject being entitled to legal recourse. We therefore cannot exclude the possibility of US authorities (e.g. secret services) processing, evaluating and permanently storing your personal data which is on US servers. We have no influence on these processing activities.

Withdrawal of consent to data processing

Many data processing measures are only possible with your express consent. You can withdraw consent you have given at any time. The legality of the data processing that took place up to the point of withdrawal is unaffected by this.

Right to object to data processing in special cases and against direct marketing (Art. 21 GDPR)

IF DATA PROCESSING TAKES PLACE ON THE BASIS OF ART. 6 PARA. 1 (E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR REASONS ARISING FROM YOUR PERSONAL SITUATION; THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. THE LEGAL BASIS ON WHICH EACH FORM OF PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU LODGE AN OBJECTION WE WILL NO LONGER PROCESS YOUR PERSONAL DATA, UNLESS: WE CAN DEMONSTRATE COMPELLING REASONS FOR SUCH PROCESSING THAT DEMAND THE PROTECTION OF THE LAW AND WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS; OR IF SUCH PROCESSING IS NECESSARY FOR THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION AS PER ART. 21 PARA. 1 GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSES OF DIRECT MARKETING, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO ITS PROCESSING FOR SUCH PURPOSES; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS CONNECTED TO DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL THEN NO LONGER BE USED FOR THE PURPOSES OF DIRECT MARKETING (RIGHT TO OBJECT AS PER ART. 21 PARA. 2 GDPR).

Right to lodge a complaint with the competent supervisory authority

In the case of infringements of the GDPR, the data subject has the right to lodge a complaint with the competent supervisory authority, especially one in the member state of their ordinary residence, place of work or in the place of the alleged infringement. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to receive or have provided to a third party the data that we process with your consent or automatically in the fulfilment of contracts in a structured, commonly used and machine readable format. If you request the direct transfer of the data to another controller, this will only take place if technically possible.

SSL- or TLS-encryption

For security reasons and to protect the transmission of confidential content, such as orders or queries sent to us as the operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the address bar, which will change in your browser from “http://” to “https://”, while a lock symbol appears.


If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Access, erasure and rectification

Within the framework of the valid legal provisions, you have the right to obtain information at any time and free of charge about the data stored relating to you, its origins and recipients and the purpose of the data processing. You also have the right, as applicable, to the rectification or erasure of this data. Please contact us at any time if you have any further questions about this or other personal data issues.

Right to restrict processing

You have the right to demand the restriction of the processing of your personal data. You can contact us at any time in this regard. You have the right to restrict processing in the following instances:

  • If you dispute the correctness of your personal data that we store, we will usually need time to check this. For the duration of this checking process, you have the right to demand the restriction of the processing of your personal data.
  • If the processing of your personal data has occurred/is occurring unlawfully, you are able to request, instead of the erasure of your data, the restriction of its processing.
  • If we no longer need your personal data but you do for the establishment, exercise or defence of legal claims, you have the right to demand the restriction of processing instead of erasure.
  • If you have lodged an objection as per Art. 21 (1) GDPR, your interests must be weighed up against ours. As long as it is unclear whose interests are overriding, you have the right to demand the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data will only be processed – excluding storage – with your consent, or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for urgent reasons of public interest within the European Union or a Member State..

Objection to advertising emails

The use of the contact data published within the framework of the mandatory legal notice for the purpose of sending advertising and information material that has not been expressly requested is hereby prohibited. The operator of the websites reserves the right to take legal measures in the case of unsolicited advertising material, for example, spam emails, being sent.

4. Data collection on this website

Cookies

Our internet sites use so-called “cookies”. Cookies are small text files and cause no damage to your device. They are either stored temporarily, for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your browser.

In some cases, cookies from third-party companies may also be stored on your device when you visit our site (third-party cookies). These allow us or you to use certain services offered by the third party (e.g. cookies to handle payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions do not work without them (e.g. the “basket” function or displaying videos). Other cookies serve to assess your user behaviour or display ads.

Cookies required to execute electronic communications (strictly necessary cookies) or to provide certain functionalities you want (functional cookies, e.g. for the “basket” function) or to optimise the website (e.g. cookies to measure web audience) are stored on the basis of Art. 6 para. 1 (f) GDPR, as long as no other legal basis is specified. The website operator has a legitimate interest in the storage of cookies for the technically flawless and optimised provision of services. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (Art. 6 para. 1 lit. a GDPR); consent can be withdrawn at any time.

You can set your browser so that you are informed about the storage of cookies and only allow them in individual cases, can exclude them in particular cases or in general and can activate the automatic deletion of cookies when closing the browser. When cookies are deactivated, the functionality of this website may be restricted.
If cookies are placed by third parties or for analytics purposes, we will inform you separately within the framework of this privacy policy and request consent as appropriate.

Server-Log-Files

The provider of the sites collects and automatically stores information in so-called server log files, transmitted automatically to us by your browser. These include:

  • Browser type and version
  • operating system used
  • referrer URL
  • host name of the accessing computer
  • time of server request
  • IP-adress

This data is not collated with data from other sources.

The collection of this data takes place on the basis of Art. 6 para. 1 (f) GDPR. The website operator has a legitimate interest in the fault-free presentation and optimisation of the website. To this end, server logfiles must be collected.

Contact form

If you send queries to us via a contact form, your information from the contact form, including the contact data you enter there, will be stored by us for the purpose of processing the query and in case subsequent questions arise. We will not transfer this data without your consent.

The processing of this data takes place on the basis of Art. 6 para. 1 (b) GDPR, if your query is connected with the fulfilment of a contract or the execution of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of requests sent to us (Art. 6 para. 1 (f) GDPR) or your consent (Art. 6 para. 1 (a) GDPR), if this has been requested.

The data entered by you in contact forms remain with us until you request its deletion, withdraw consent to its storage or until the purpose for which it was collected no longer applies (e.g. when your query has been completely processed). Mandatory legal provisions – in particular, retention periods – remain unaffected.

Contact by email, telephone or fax

If you contact us by email, telephone or fax, your query, including all resulting personal data (name, query) will be stored and processed by us for the purpose of answering your query. We will not transfer this data without your consent.

The processing of this data takes place on the basis of Art. 6 para. 1 (b) GDPR, if your query is connected with the fulfilment of a contract or the execution of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of requests sent to us (Art. 6 para. 1 (f) GDPR) or your consent (Art. 6 para. 1 (a) GDPR), if this has been requested.

The data sent to us by you in the course of contact requests remain with us until you request its deletion, withdraw consent to its storage or until the purpose for which it was collected no longer applies (e.g. when your request has been completely processed). Mandatory legal provisions – in particular, legal retention periods – remain unaffected.

5. Social media

Facebook

We have integrated elements of the social network Facebook on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.

An overview of the Facebook social media elements is available under the following link: https://developers.facebook.com/docs/plugins/.

If the social media element has been activated, a direct connection between your device and the Facebook server will be established. As a result, Facebook will receive information confirming your visit to this website with your IP address. If you click on the Facebook Like button while you are logged into your Facebook account, you can link content of this website to your Facebook profile. Consequently, Facebook will be able to allocate your visit to this website to your user account. We have to emphasize that we as the provider of the website do not receive any information on the content of the transferred data and its use by Facebook. For more information, please consult the Data Privacy Policy of Facebook at: https://de-de.facebook.com/privacy/explanation.

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6 Sect. 1 lit. a GDPR and § 25 TTDSG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of our legitimate interest in making our information as comprehensively visible as possible on social media.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendumhttps://de-de.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.

Twitter

We have integrated functions of the social media platform Twitter into this website. These functions are provided by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

If the social media element has been activated, a direct connection between your device and Twitter’s server will be established. As a result, Twitter will receive information on your visit to this website. While you use Twitter and the “Re-Tweet” function, websites you visit are linked to your Twitter account and disclosed to other users. We must point out, that we, the providers of the website and its pages do not know anything about the content of the data transferred and the use of this information by Twitter. For more details, please consult Twitter’s Data Privacy Declaration at: https://twitter.com/en/privacy.

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6(1)(a) GDPR and § 25 TTDSG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of our legitimate interest in making our information as comprehensively visible as possible on social media.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html.

You have the option to reset your data protection settings on Twitter under the account settings at https://twitter.com/account/settings.

LinkedIn

This website uses elements of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Any time you access a page of this website that contains elements of LinkedIn, a connection to LinkedIn’s servers is established. LinkedIn is notified that you have visited this website with your IP address. If you click on LinkedIn’s “Recommend” button and are logged into your LinkedIn account at the time, LinkedIn will be in a position to allocate your visit to this website to your user account. We have to point out that we as the provider of the websites do not have any knowledge of the content of the transferred data and its use by LinkedIn.

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6 (1)(a) GDPR and § 25 TTDSG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of our legitimate interest in making our information as comprehensively visible as possible on social media.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-der-schweiz?lang=en.

For further information on this subject, please consult LinkedIn’s Data Privacy Declaration at: https://www.linkedin.com/legal/privacy-policy.

6. Analytics tools and advertising

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool with which we are able to include tracking and statistics tools and other technologies on our website. Google Tag Manager does not create user profiles itself, nor does it store cookies or carry out independent analysis. It only serves to administer and provide the tools embedded using it. However, Google Tag Manager does record your IP address, which may be transferred to the Google parent company in the USA.

The use of Google Tag Manager takes place on the basis of Art. 6 para. 1 (f) GDPR. The website operator has a legitimate interest in the fast, uncomplicated incorporation and administration of various tools on the website. If consent has been requested, processing takes place exclusively on the basis of Art. 6 para. 1 (a) GDPR; consent can be withdrawn at any time.

Google Analytics

This website uses Google Analytics functions. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics allows the website operator to analyse the behaviour of website visitors. Through it, the website operator receives various usage data, e.g. page views, length of stay, operating system used and place of origin of the user. This data is collated by Google in a profile assigned to the user or their device.

Google Analytics uses technologies allowing the user to be recognised again for the purpose of user behaviour analysis. The information collected by Google regarding the use of this website is, as a rule, transferred to Google servers in the USA and stored there.

The use of this analytics tool takes place on the basis of Art. 6 para. 1 (f) GDPR. The website operator has a legitimate interest in the analysis of user behaviour in order to optimise both the web presence and any advertising. If consent has been requested (e.g. consent to the storage of cookies) processing takes place exclusively on the basis of Art. 6 para. 1 (a) GDPR; consent can be withdrawn at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://privacy.google.com/businesses/controllerterms/mccs/.

IP anonymisation

We have activated the IP anonymisation function on our website. This means that your IP address is truncated by Google within member states of the European Union or in other states subject to the agreements of the EEA before its transmission to the USA. The entire IP address is only transferred to a Google server in the USA and truncated there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to create reports on website activities and to provide further services to the operator connected with website and Internet usage. The IP address sent from your browser while Google Analytics is active is not collated with other Google data.

Browser Plugin

You can prevent the recording and collection of your data by Google by downloading and installing a browser plugin via the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

You can find more information on the handling of user data by Google Analytics in the Google Data Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en.

Data processing

We have concluded a contract with Google regarding data processing and have fully implemented the strict requirements of the German data protection authorities in the use of Google Analytics.

Storage period

Data stored by Google at the user and event level and linked to cookies, user IDs or ad IDs (e.g. DoubleClick cookies, Android ad ID) is anonymised or erased after 14 months. For details regarding this, see the following link: https://support.google.com/analytics/answer/7667196?hl=en

Google Ads

The website operator uses Google Ads. Google Ads is an online promotional program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display ads in the Google search engine or on third-party websites, if the user enters certain search terms into Google (keyword targeting). It is also possible to place targeted ads based on the user data Google has in its possession (e.g., location data and interests; target group targeting). As the website operator, we can analyze these data quantitatively, for instance by analyzing which search terms resulted in the display of our ads and how many ads led to respective clicks.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Ads Remarketing

This website uses the functions of Google Ads Remarketing. The provider of these solutions is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With Google Ads Remarketing, we can assign people who interact with our online offering to specific target groups in order to subsequently display interest-based advertising to them in the Google advertising network (remarketing or retargeting).

Moreover, it is possible to link the advertising target groups generated with Google Ads Remarketing to device encompassing functions of Google. This makes it possible to display interest-based customized advertising messages, depending on your prior usage and browsing patterns on a device (e.g., cell phone) in a manner tailored to you as well as on any of your devices (e.g., tablet or PC).

If you have a Google account, you have the option to object to personalized advertising under the following link: https://www.google.com/settings/ads/onweb/.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

For further information and the pertinent data protection regulations, please consult the Data Privacy Policies of Google at: https://policies.google.com/technologies/ads?hl=en.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Conversion-Tracking

This website uses Google Conversion Tracking. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the assistance of Google Conversion Tracking, we are in a position to recognize whether the user has completed certain actions. For instance, we can analyze the how frequently which buttons on our website have been clicked and which products are reviewed or purchased with particular frequency. The purpose of this information is to compile conversion statistics. We learn how many users have clicked on our ads and which actions they have completed. We do not receive any information that would allow us to personally identify the users. Google as such uses cookies or comparable recognition technologies for identification purposes.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

For more information about Google Conversion Tracking, please review Google’s data protection policy at: https://policies.google.com/privacy?hl=en

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Facebook Pixel

To measure conversion rates, this website uses the visitor activity pixel of Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.

This tool allows the tracking of page visitors after they have been linked to the website of the provider after clicking on a Facebook ad. This makes it possible to analyze the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns.

For us as the operators of this website, the collected data is anonymous. We are not in a position to arrive at any conclusions as to the identity of users. However, Facebook archives the information and processes it, so that it is possible to make a connection to the respective user profile and Facebook is in a position to use the data for its own promotional purposes in compliance with the Facebook Data Usage Policy. This enables Facebook to display ads on Facebook pages as well as in locations outside of Facebook. We as the operator of this website have no control over the use of such data.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum und https://de-de.facebook.com/help/566994660333381.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

In Facebook’s Data Privacy Policies, you will find additional information about the protection of your privacy at: https://www.facebook.com/about/privacy/.

You also have the option to deactivate the remarketing function “Custom Audiences” in the ad settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you first have to log into Facebook.

If you do not have a Facebook account, you can deactivate any user-based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

Facebook Conversion API

We have integrated Facebook Conversion API into this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.  However, based on the information provided by Facebook, the recorded data is also transmitted to the United States and other Non-EU and Non-EEZ countries.

Facebook Conversion API enables us to record the interactions of our website visitors with our website and to share this information with Facebook to improve the promotional performance with Facebook.

To do this, in particular the time you accessed the site, the website you accessed, your IP address and your user agent, as well as, if applicable, other specific data (e.g., purchased products, value of the shopping cart and currency) are tracked. For a complete overview of the tracked data, please visit: https://developers.facebook.com/docs/marketing-api/conversions-api/parameters.

The use of this service occurs on the basis of your consent pursuant to Art. 6 Sect. 1 lit. a GDPR and § 25 Sect. 1 TTDSG. You may revoke your consent at any time.

If personal data is collected on our website with the assistance of the tool described herein and if it is shared with Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland shall be jointly responsible for the processing of your data, i.e., we are the data controllers (Art. 26 GDPR). This shared responsibility is limited exclusively to the recording of your data and its sharing with Facebook. The processing that occurs after the data has been shared with Facebook is not part of this shared responsibility. The obligations we share responsibility for have been documented in an agreement on joint processing. The concrete wording of this agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for the provision of the data protection information when using the Facebook tool and for the data protection law compliant secure implementation of the tool on our website. Facebook is liable for the data security of Facebook products. You may request information on your rights as a data subject (e.g., request for information) related to the data processed by Facebook directly from Facebook. If you claim any data subject rights with us, we are required to forward your request to Facebook.

The transfer of data to the United States is based on the standard contract clauses of the EU commission. For details please visit: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

In Facebook’s data privacy policy, you will find additional information pertaining to the protection of your privacy: https://de-de.facebook.com/about/privacy/.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

LinkedIn Insight Tag

This website uses the Insight tag from LinkedIn. This service is provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data processing by LinkedIn Insight tag

We use the LinkedIn Insight tag to obtain information about visitors to our website. Once a website visitor is registered with LinkedIn, we can analyze the key occupational data (e.g., career level, company size, country, location, industry, job title) of our website visitors to help us better target our site to the relevant audience. We can also use LinkedIn Insight tags to measure whether visitors to our websites make a purchase or perform other actions (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also features a retargeting function that allows us to display targeted advertising to visitors to our website outside of the website. According to LinkedIn, no identification of the advertising addressee takes place.

LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser characteristics and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data will then be deleted within 180 days.

The data collected by LinkedIn cannot be assigned by us as a website operator to specific individuals. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own promotional activities. For details, please see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.

Legal basis

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6(1)(a) GDPR and § 25 TTDSG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of Art. 6(1)(f) GDPR; the website operator has a legitimate interest in effective advertising promotions that include the utilization of social media.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

Objection to the use of LinkedIn Insight Tag

You can object to LinkedIn’s analysis of user behavior and targeted advertising at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

In addition, LinkedIn members can control the use of their personal information for promotional purposes in the account settings. To prevent LinkedIn from linking information collected on our site to your LinkedIn account, you must log out of your LinkedIn account before you visit our site.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

7. Newsletter

Newsletter­ data

If you wish to subscribe to the newsletter offered on the site, we require your email address and information allowing us to confirm that you are the owner of that email address and consent to receive the newsletter. If further data is collected it will be on a purely voluntary basis. We only use this data to send the requested information and will not transfer it to third parties.

The processing of the data entered in the newsletter subscription form thus takes place exclusively on the basis of your consent (Art. 6 para. 1 (a) GDPR). You can withdraw your consent to the storage of your data and email address and their use to send you the newsletter at any time, e.g. by using the “unsubscribe” link in the newsletter. The legality of the data processing that has already taken place is unaffected by this withdrawal.

The data you provide to us for the purposes of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe and will be erased from the mailing list at this point or when the purpose for its storage no longer applies. We reserve the right to erase or restrict email addresses from our newsletter mailing list at our own discretion in accordance with our legitimate interest as per Art. 6 para. 1 (f) GDPR.

After your erasure from the newsletter mailing list, your email address may be saved by us or the newsletter service provider in a blacklist to prevent further mailings. Data from the blacklist is only used for these purposes and is not collated with other data. This serves both your and our interests, including our interest in compliance with legal requirements for the mailing of newsletters (legitimate interest as per Art. 6 para. 1 (f) GDPR). Storage on the blacklist is not restricted in time. You can object to your being placed on it if your interests override our legitimate interest.

CleverReach

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter: “CleverReach”). CleverReach is a service that allows newsletter mailings to be organised and analysed. The data you enter when subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland.

Our newsletters sent via CleverReach allow us to analyse the behaviour of their recipients. We can analyse, for example, how many recipients have opened the newsletter email and how often each link in the newsletter was clicked. With the aid of so-called “conversion tracking”, we can also analyse whether a previously defined action (e.g. purchase of a product on our website) takes place after the link is clicked. For further information on data analysis using CleverReach newsletters, see:
https://www.cleverreach.com/de/funktionen/reporting-und-tracking/.

The data processing thus takes place on the basis of your consent (Art. 6 para. 1 (a) GDPR). You can withdraw this consent at any time by unsubscribing from the newsletter. The legality of the data processing that has already taken place is unaffected by this withdrawal.

If you do not want to be analysed through CleverReach, you must unsubscribe from the newsletter. We provide a link that lets you do this in every newsletter we mail.

The data you provide to us for the purposes of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe and will be erased from the mailing list at this point. Data stored by us for other purposes is not affected by this.

After your erasure from the newsletter mailing list, your email address may be saved by us or the newsletter service provider in a blacklist to prevent further mailings. Data from the blacklist is only used for these purposes and is not collated with other data. This serves both your and our interests, including our interest in compliance with legal requirements for the mailing of newsletters (legitimate interest as per Art. 6 para. 1 (f) GDPR). Storage on the blacklist is not restricted in time. You can object to your being placed on it if your interests override our legitimate interest.

You can find out more in the CleverReach privacy policy at: https://www.cleverreach.com/en/privacy-policy/.

Conclusion of a contract regarding data processing

We have concluded a contract with the provider of CleverReach regarding data processing and have fully implemented the strict requirements of the German data protection authorities in the use of CleverReach.

8. Plugins und Tools

YouTube with extended data protection

This website uses YouTube videos. The operator of the sites is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode stores no information about the visitor to the site before they watch the video. The transfer of data to YouTube partners, however, is not specifically excluded by extended data protection mode. Thus, YouTube – regardless of whether you watch a video – creates a connection to the Google DoubleClick network.

As soon as you play a video on this website, a connection is made to the YouTube servers. Through this, YouTube is informed of which of our pages you have visited. If you are logged into your own YouTube account, YouTube is able to assign your surfing behaviour to your personal profile. You can prevent this by logging out of your YouTube account.

In addition, once a video is played, YouTube is able to store various cookies on your device or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can collect information on the visitors to this site. This data is used e.g. to record video statistics, improve user-friendliness and prevent attempted fraud.

In certain situations, once a YouTube video has been played, further data processing may be triggered over which we have no control.

The use of YouTube takes place in the interests of presenting our online content attractively. This represents a legitimate interest in the sense of Art. 6 para. 1 (f) GDPR. If consent has been requested, processing takes place exclusively on the basis of Art. 6 para. 1 (a) GDPR; consent can be withdrawn at any time.

You can find further information on data protection at YouTube in the corresponding privacy policy: https://policies.google.com/privacy?hl=en.

Google Web Fonts (local hosting)

This page uses so-called “web fonts” to ensure the unified presentation of type. These are provided by Google. Google fonts are installed locally. No connection to the Google servers takes place.

You can find further information on Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=en.

OpenStreetMap

We use the mapping service OpenStreetMap (OSM). The provider is the Open-Street-Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom.

If you visit a website in which OpenStreetMap is embedded, your IP address and other information concerning your behaviour may be transferred to the OSMF by this website. To this end, OpenStreetMap may in certain conditions store cookies on your browser or use comparable recognition technologies.

In addition, your location may be recorded if you have permitted this in your device settings – e.g. on your phone. The provider of this page has no influence on this data transfer. You can find details in the OpenStreetMap privacy policy here: https://wiki.osmfoundation.org/wiki/Privacy_Policy.

The use of OpenStreetMap takes place in the interests of presenting our online services attractively and ensuring the easy location of sites mentioned by us on our website. This represents a legitimate interest in the sense of Art. 6 para. 1 (f) GDPR. If consent has been requested (e.g. consent to the storage of cookies) processing takes place exclusively on the basis of Art. 6 para. 1 (a) GDPR; consent can be withdrawn at any time.

9. Own services

Handling data from applicants

We offer you the opportunity to apply to us (e.g. by email, post or an online application form). In the following, we inform you about the extent, purpose and use of your personal data as collected during the applications process. We ensure that the collection, processing and use of your data take place in accordance with applicable data protection law and all further legal provisions and that your data is treated in strictly confidentially.

Extent and purpose of data collection

If you send us an application, we process the connected data (e.g. contact and communications data, application documents, notes taken during applicant interviews etc.) insofar as is necessary to make decisions about the establishment of an employment relationship. The legal basis for this is Section 26 German Federal Data Protection Act (BDSG-neu) in German law (initiation of an employment relationship), Art. 6 para. 1 (b) GDPR (general initiation of a contract) and – if you have given consent – Art. 6 para. 1 (a) GDPR. Consent may be withdrawn at any time. Your personal data is exclusively transmitted within our company to persons involved in the processing of your application.

If the application is successful, the data you give us is stored in our data handling systems on the basis of Section 26 BDSG-neu and Art. 6 para. 1 (b) GDPR for the purposes of implementing the employment relationship.

Duration of data retention

If we do not make you an offer, you decline an offer or retract your application, we reserve the right to continue to store the data you transferred to us on the basis of our legitimate interest (Art. 6 para. 1 (f) GDPR) up to 6 months from the termination of the application process (retraction or rejection of application). Subsequently, the data will be erased and the physical application documents destroyed. Storage takes place in particular to provide evidence in case of legal disputes. If it is to be expected that the data will be required after the 6-month retention period has elapsed (e.g. because of an imminent or pending legal dispute), erasure will only take place once the purpose for continued storage no longer applies.

Longer retention may take place if you give corresponding consent (Art. 6 para. 1 (a) GDPR) or if legal retention obligations oppose erasure.

Contact request:



Your data is being processed

a-eberle kontakt newsletter ×

Our seminars &
webinars

► Register here!

x