Privacy policy

The protection of your privacy and your personal data is of great importance to us. Therefore, we only use your personal data in accordance with the legal provisions of applicable data protection laws. With this privacy policy, we inform you about the personal data we collect when you use our website.

Controller/Contact

The controller for data processing within the meaning of data protection laws is:

Adbyte GmbH
Loddenheide 8
48155 Münster, Germany

For questions or concerns regarding data protection, please contact gm(at)adbyte.de.

Access Data / Server Log Files

Adbyte – Gerald Mann (or his web hosting provider) automatically collects and stores information in server log files that your browser transmits to us. This includes:

IP address
Date and time of the request
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific page)
Access status/HTTP status code
Amount of data transmitted
Website from which the request originates
Browser
Operating system and its interface
Language and version of the browser software.

The provider uses the log data only for statistical analysis for the purpose of operation, security, and optimization of the service. However, the provider reserves the right to review the log data retrospectively if there is reasonable suspicion of unlawful use based on concrete evidence. Through the log files, we also gain insights into how our service is used. For example, we learn which pages are particularly popular. The results of this analysis are ultimately available in statistical form and are anonymous. We do not use IP addresses to identify users. We store IP addresses for a maximum period of fourteen days.

We use intrusion detection systems (IDS) based on log files, which may store the IP address and associated data beyond this period in cases of suspected illegal or improper use of the service.

Cookies

We use so-called cookies on our site to recognize repeated use of our service by the same user/internet connection owner. Cookies are small text files that your internet browser stores on your computer. They serve to optimize our website and our offerings. These are mostly so-called „session cookies,“ which are deleted after your visit.

However, some of these cookies provide information to recognize you automatically. This recognition is based on the IP address stored in the cookies. The information obtained in this way is used to optimize our offerings and to make access to our site easier for you.

You can prevent the installation of cookies by adjusting your browser settings accordingly; however, we point out that in this case, you may not be able to use all functions of our website to their full extent.

SSL Encryption

Website operators are obligated under § 13 TMG to „ensure, as far as technically possible and economically reasonable, within their respective responsibility for commercially offered telemedia, through technical and organizational measures, that […] the technical facilities used […] are secured against violations of the protection of personal data […].“ Data transmission to and from this website is protected by an SSL certificate; however, for compatibility reasons, an unencrypted connection is also offered. If your browser does not automatically use the encrypted connection, you can manually activate encryption via this link.

Some client programs perform a validity check for certificates. This allows the Certificate Authority (the issuing company) to track which domains were visited from your IP. Such mechanisms are far beyond the provider’s sphere of influence.

Comments

We offer users the opportunity to leave individual comments on individual blog posts on the blog located on the website of the controller, as well as to respond to posts by other users. A blog is a portal, usually publicly accessible, on a website where one or more people, called bloggers or web bloggers, can post articles or write down thoughts in so-called blog posts. Blog posts can usually be commented on by third parties.

If a data subject leaves a comment on the blog published on this website, in addition to the comments left by the data subject, information on the time of the comment entry and the username (pseudonym) chosen by the data subject are stored and published. Furthermore, the IP address assigned by the Internet service provider (ISP) of the data subject is logged. This storage of the IP address is done for security reasons and in case the data subject violates the rights of third parties or posts illegal content through a submitted comment. The storage of this personal data is therefore in the controller’s own interest, so that they could exculpate themselves in the event of a legal violation. There is no transfer of this collected personal data to third parties unless such transfer is required by law or serves the legal defense of the controller.

Use of Ajax and Web Fonts

These websites use external fonts, Google Fonts. Google Fonts is a service of Google Inc. („Google“). The integration of these web fonts is done by a server call, usually a server of Google in the USA. This transmits to the server which of our web pages you have visited. The IP address of the browser of the visitor’s device is also stored by Google. For more information, please refer to Google’s privacy policy, which you can access here:

www.google.com/fonts#AboutPlace:about
www.google.com/policies/privacy

Content Delivery Networks by Stackpath

Our website uses NetDNA, which operates under several brands such as MaxCDN/Stackpath (BootstrapCDN and FontAwesomeCDN), a CDN from NetDNA, LLC (3575 Cahuenga Blvd. West, Suite 330, Los Angeles, CA 90068, USA; „MaxCDN“). CDNs ensure that the loading time of common JavaScript libraries and fonts is shortened because the files are transmitted from fast, local, or less busy servers. In doing so, your IP address, among other things, is transmitted to MaxCDN. The provider operates servers in the EU, but it cannot be ruled out that your browser may also access servers outside the EU. The content of our service and communication are not handled via CDN. To prevent the execution of JavaScript altogether, you can install a JavaScript blocker in your browser. For more information about the provider’s privacy policy, please visit www.maxcdn.com/legal.

We have signed the GDPR addendum at www.maxcdn.com/dpa.

Stackpath is certified under the Privacy Shield Agreement and thereby guarantees compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000CbahAAC&status=Active).

Content Delivery Networks by Cloudflare

We use a so-called „Content Delivery Network“ (CDN), offered by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare is certified under the Privacy Shield Agreement and thereby guarantees compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active).

A CDN is a service with which the content of our online offering, especially large media files such as graphics or scripts, is delivered faster through regionally distributed and internet-connected servers. The processing of user data is solely for the aforementioned purposes and to maintain the security and functionality of the CDN.

The use is based on our legitimate interests, i.e., interest in a secure and efficient provision, analysis, and optimization of our online offering in accordance with Art. 6 para. 1 lit. f GDPR.

For more information, please refer to Cloudflare’s privacy policy: https://www.cloudflare.com/security-policy

VG Wort / Scalable Central Measurement Method

We use the „Scalable Central Measurement Method“ (SZM) of INFOnline GmbH (INFOnline GmbH, Brühler Str. 9, 53119 Bonn) to determine statistical parameters for determining the copy probability of texts. Anonymous measurement values are collected. The access number measurement uses a session cookie or a signature created from various automatically transmitted information from your browser to recognize computer systems. IP addresses are only processed in anonymized form. The method was developed with data protection in mind. The sole purpose of the procedure is to determine the copy probability of individual texts. At no time are individual users identified. Your identity is always protected. You will not receive any advertising through the system.

Many of our pages are equipped with JavaScript calls, through which we report accesses to the collecting society Wort (VG Wort). This enables our authors to participate in the distributions of VG Wort, which ensure statutory remuneration for the use of copyrighted works under § 53 UrhG.

User data and metadata are processed here, with IP addresses being truncated and the measurement methods pseudonymized. The truncated IP address is stored for a maximum of 60 days. The usage data in connection with a pseudonymous identifier („identifier“) is stored for a maximum of 6 months.

Users also have an opt-out option to object to the collection for the aforementioned purposes: https://optout.ioam.de

For more information, please refer to INFOnline’s privacy policy: https://www.infonline.de/datenschutz/benutzer

We use the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“), based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f GDPR).

Google is certified under the Privacy Shield Agreement and thereby guarantees compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

We use the AdSense service, which allows ads to be displayed on our website, and we receive compensation for their display or other use. For these purposes, usage data, such as clicks on an ad and the IP address of users, is processed, with the IP address being truncated by the last two digits. This means that user data is processed pseudonymously.

We use Google AdSense with personalized ads. In doing so, Google draws conclusions about users‘ interests based on the websites they visit or the apps they use and the user profiles created. Advertisers use this information to tailor their campaigns to these interests, which is beneficial for both users and advertisers. For Google, ads are personalized when collected or known data determines or influences ad selection. This includes, among other things, previous search queries, activities, website visits, app usage, demographic and location information. Specifically, this includes: demographic targeting, interest category targeting, remarketing, and targeting based on customer match lists and audience lists uploaded to DoubleClick Bid Manager or Campaign Manager.

For more information about Google’s data usage, settings, and opt-out options, please refer to Google’s privacy policy (https://policies.google.com/technologies/ads) and the settings for displaying ads by Google (https://adssettings.google.com/authenticated).

Usage-Based Online Advertising with Third Parties

To provide advertising that is relevant and tailored to current interests, attempts are made to draw conclusions about current interests based on website visits and browsing behavior.
With this type of service, this website can use user data to communicate advertising in the form of banners and other marketing methods—possibly based on the user’s interests. For the purpose of retargeting (remarketing) website visitors, as well as for measuring advertising success, third-party cookies (so-called third-party cookies) are used, and usage profiles may be created under a pseudonym. These can be evaluated for advertising and monitoring purposes. A direct inference to a person is not possible.

Advertising cookies are used, for example, for the following purposes:

Storing your website visits to determine your interests
Checking whether you clicked on an ad
Monitoring the number of visitors who click on an ad
Using third-party services to display ads tailored to your needs, interests, or preferences
Determining which ads and advertising materials are efficient for us
Displaying ads for products you previously clicked on or searched for
Measuring the number of ads displayed to avoid showing the same ads repeatedly
Displaying more interesting ads based on your use of our websites
Evaluating which ads you clicked on before purchasing products
Number of orders resulting from ads and their monetary value

For more information, please refer to the privacy policies of the respective services. In addition to any opt-out option offered by the listed services, the user can exclude the use of cookies by third-party services. Consent settings can be configured in the consent management tool:
Open Settings

The consent management tool is provided by Traffective GmbH. Traffective participates in the IAB Europe Transparency & Consent Framework and operates according to its specifications and guidelines. Traffective transmits consent signals via their management platform with the identification number 21.

Some of the services listed in the consent management tool transmit data to the USA. To the extent this is the case, the transfer is based solely on your consent pursuant to Art. 49 para. 1 lit. a GDPR. You give your consent by making the appropriate selection in the consent management tool, which is displayed when you visit our site.

For data transfers to the USA, there is no EU adequacy decision, nor does the provider process the data according to standard data protection clauses approved by the EU Commission. This means that data transmitted to these providers is not protected according to the GDPR standard. The provider is subject to US law and may therefore be obliged to disclose data to intelligence services if the corresponding legal requirements are met. Risks for the data subjects arise in particular from the difficulty of enforcing rights, the lack of control over further processing or disclosure of the data, and the aforementioned access by government agencies. Additionally, language barriers may hinder the enforcement of rights.

Use of External Search Services – Google CSE

Within our website, we use „Google Custom Search Engine“ (Google CSE) as an extension of our search. If our own internal search does not yield satisfactory results (zero results), we forward the search query to Google CSE. The integrated search service enables a full-text search for content on the website. Access to this search function is provided via a search box embedded in the header of each web page. To inform users of the internet offering, the text „Google™ Custom Search“ is displayed in the search box. The search field on these web pages („search field“) is provided by Google LLC („Google“) and is embedded unchanged as a software module on our web pages.

By entering a search term in the search box and pressing the enter key, the user activates the search function. The search results page is called up, which loads the corresponding search results from Google via a plugin provided by Google.

The plugin enables automated communication between the called search results page and the Google service when the search results page is accessed. The use of the search function provided by Google includes the dynamic transfer of data by the service provider Google to the search results page. Data is only transmitted to Google after the user activates the search box, initiates a full-text search, and calls up the search results page. By using the search function within the search results page, user data is also transmitted to Google.

By using the full-text search and the associated call-up of the search results page, the search terms you entered and the IP address of the computer you are using are transmitted to Google. If you are logged in to Google at the same time, the Google service can immediately assign the information to your user profile. You should log out to avoid the collection of profile information about you.

For more information from Google about the handling of user data (privacy policy), please visit https://www.google.de/intl/de/policies/privacy.

Ensuring a proper and smooth connection setup of the website,
Ensuring comfortable use of the website,
Evaluating system security and stability, and
For other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest arises from ensuring comfortable use of our website. In no case do we use the collected data to draw conclusions about your person.

Google DoubleClick

We use the online marketing tool Google „DoubleClick“ to place ads in the Google advertising network (e.g., in search results, in videos, on websites, etc.). DoubleClick is characterized by displaying ads in real time based on the presumed interests of users. This allows us to display ads for and within our online offering more targeted, presenting users only with ads that potentially match their interests. For example, if a user is shown ads for products they were interested in on other online offerings, this is referred to as „remarketing.“ For these purposes, when our and other websites where the Google advertising network is active are accessed, a code from Google is executed directly, and so-called (re)marketing tags (invisible graphics or codes, also known as „web beacons“) are integrated into the website. With their help, an individual cookie, i.e., a small file, is stored on the user’s device (instead of cookies, comparable technologies can also be used). This file records which websites the user has visited, what content they are interested in, and which offers the user has clicked on, as well as technical information about the browser and operating system, referring websites, visit time, and other details about the use of the online offering.

The user’s IP address is also recorded, although this is truncated within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only in exceptional cases is transmitted in full to a Google server in the USA and truncated there. The aforementioned information may also be linked by Google with such information from other sources. If the user subsequently visits other websites, they may be shown ads tailored to their presumed interests based on their user profile.

User data is processed pseudonymously within the Google advertising network. This means that Google does not store or process, for example, the name or email address of the user, but processes the relevant data cookie-related within pseudonymous user profiles. From Google’s perspective, the ads are not managed and displayed for a specifically identifiable person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymization. The information collected by Google marketing services about users is transmitted to Google and stored on Google’s servers in the USA.

Cloudflare Turnstile

Cloudflare Turnstile (a service of Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA) is an automated detection service that helps us verify whether a request is sent by a human or a bot. This detection is necessary to prevent spam messages.

We use Turnstile to ensure the secure use of the login/comments. The legal basis for this type of data processing is our legitimate interest in the secure operation of the contact form, Art. 6 para. 1 lit. f) GDPR.

Cloudflare processes your IP for verification purposes to its servers. Cloudflare processes the data on our behalf based on a data processing agreement between us and Cloudflare. This ensures that the data processing on our behalf is in accordance with the GDPR while safeguarding the rights of the data subjects. It may happen that the IP address is transmitted to Cloudflare’s American servers. In this case, the standard contractual clauses agreed between us and Cloudflare also apply to safeguard your rights.

You have the right to object to this data processing at any time; in this case, you may no longer be able to use the comment function/login under certain circumstances.

Cloudflare has committed to the Privacy Shield Agreement between the European Union and the USA and has been certified. This obliges Intercom to comply with the standards and regulations of European data protection law.

Further information from the third party on data protection can be found on the following website: here

With the following information, we inform you about the content of our newsletter as well as the registration, dispatch, and statistical evaluation procedures and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the described procedures.

Content of the newsletter: We send newsletters, emails, and other electronic notifications with advertising information (hereinafter referred to as „newsletter“) only with the consent of the recipients or a legal permission. If the contents of the newsletter are specifically described during registration, they are decisive for the user’s consent. Otherwise, our newsletters contain information about our services and us.

Double opt-in and logging: Registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registration, you will receive an email asking you to confirm your registration. This confirmation is necessary so that no one can register with foreign email addresses. Newsletter registrations are logged to be able to prove the registration process in accordance with legal requirements. This includes storing the registration and confirmation times as well as the IP address. Changes to your data stored with the shipping service provider are also logged.

Registration data: To register for the newsletter, it is sufficient to provide your email address.

The logging of the registration process is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. Our interest is directed towards the use of a user-friendly and secure newsletter system that serves both our business interests and meets the expectations of users and also allows us to prove consent.

Cancellation/revocation: You can cancel the receipt of our newsletter at any time, i.e., revoke your consent. A link to cancel the newsletter can be found at the end of each newsletter. We may store the unsubscribed email addresses for up to three years based on our legitimate interests before deleting them to prove previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual deletion request is possible at any time, provided the former existence of consent is confirmed at the same time.

Utiq Service

We use the Utiq Service on our websites. The Utiq Service is operated by Utiq SA/NV and provided in collaboration with your network operator and participating websites, such as us.

To provide the Utiq Service, we are in a joint data responsibility (so-called „joint controllership“) with Utiq. As part of this joint data responsibility, the following applies, among other things:

The data processing related to the Utiq Service is based on the consent that we obtain on behalf of the Utiq ecosystem on websites where the Utiq Service is integrated.

On websites with Utiq Service integration, you have access to a special link in the footer that provides you with information about the service and its management and informs you about our partnership with Utiq.

Utiq provides you with a central privacy portal (consenthub) to facilitate the exercise of your data protection rights and to enable you to easily manage your Utiq consents and privacy preferences.

Notwithstanding the fact that you can exercise your rights in relation to each data controller, Utiq acts as a joint point of contact for all questions or concerns you may have in connection with the Utiq Service.

The Utiq Service gives you more control and transparency over the use of your data when you agree to personalized experiences or analytics on Utiq’s partner websites. As part of the Utiq Service, you gain access to a central privacy self-service portal, the so-called Utiq consenthub. There, you can manage your preferences for the Utiq Service and your Utiq consents and exercise your data protection rights. All in one place and at any time.

Utiq is an optional service. This means that it is inactive by default and is only activated when you give your explicit consent via the special Utiq popup on a participating website.

If you have given your consent to activate the Utiq Service during your first visit to our website, Utiq only passes on two secure so-called marketing signals to us. These are referred to as martechpass and adtechpass. These are random values generated by Utiq that allow us to recognize you as the same visitor without revealing your identity. This enables us to offer you personalized content and advertising or to conduct analyses, depending on what additional consents you have given us for these purposes. The martechpass and adtechpass are stored together with the corresponding „first-party cookies“ in your browser and expire after 90 days and 24 hours, respectively.

Further information about the Utiq Service can be found in the Utiq consenthub or in Utiq’s privacy policy.

Usage-Based Online Advertising with Third Parties

For the purpose of retargeting (remarketing) website visitors, as well as for measuring advertising success, third-party cookies (so-called third-party cookies) are used, and usage profiles may be created under a pseudonym. These can be evaluated for advertising and monitoring purposes. A direct inference to a person is not possible.

Advertising cookies are used, for example, for the following purposes:

Storing your website visits to determine your interests and/or accessing the stored information
Checking whether you clicked on an ad
Monitoring the number of visitors who click on an ad (measuring advertising performance)
Using third-party services to display ads tailored to your needs, interests, or preferences
Determining which ads and advertising materials are efficient for us
Displaying ads for products you previously clicked on or searched for
Measuring the number of ads displayed to avoid showing the same ads repeatedly
Displaying more interesting ads based on your use of our websites
Evaluating which ads you clicked on before purchasing products
Number of orders resulting from ads and their monetary value
Creating profiles for personalized content, advertising, and selection
Understanding the audience through statistics or combinations of data from different sources
Developing and improving services

For more information, please refer to the privacy policies of the respective services, which are accessible via the consent management tool. In addition to any opt-out option offered by the listed services, the user can exclude the use of cookies by third-party services. Consent settings can be configured in the consent management tool:

Open Settings

Advertising Services of Traffective GmbH

The processing of personal data for advertising purposes is based on the user’s consent declaration given when accessing the website (if no consent declaration has been given, the corresponding data processing does not take place; the same applies if the consent declaration is revoked). For revoking the consent declaration, we refer to the setting options in the Consent Management Tool.

According to the IAB TCF, the consent refers to the following data processing purposes (see also the table of data processing purposes at https://iabeurope.eu/iab-europe-transparency-consent-framework-policies/):

For all processing purposes, storing information on a user’s device and/or accessing information from a user’s device is necessary (Purpose 1 according to IAB TCF)
Information such as cookies and device identifiers for the processing purposes shown to the user on the device
Cookies, device or similar online identifiers (e.g., login-based identifiers, randomly assigned identifiers, network-based identifiers) may be stored or read on the user’s device together with other information (e.g., browser type and information, language, screen size, supported technologies, etc.) to recognize it each time it connects to an app or website, for one or more of the purposes presented.

Data for this processing purpose may only be obtained with explicit user consent. Without consent to this, no third-party code calls take place via Traffective advertising services – regardless of what legal basis corresponding vendors rely on for further purposes!

Select basic ads (Purpose 2 according to IAB TCF)
Use real-time information about the context in which the ad is displayed, including information about the content environment and the device used, such as device type and features, browser identifier, URL, IP address;
use a user’s approximate location data;
control the frequency of ad displays
control the sequence of ad displays;
prevent an ad from being displayed in an inappropriate editorial environment (brand-unsafe)
For selecting basic ads, vendors may:
Create a personalized advertising profile (Purpose 3 according to IAB TCF)
Collect information about a user, including their activities, interests, website visits or application usage, demographic information or location, to create or edit a user profile for content personalization.
To create a personalized advertising profile, vendors may:
Select personalized ads (Purpose 4 according to IAB TCF)
Select personalized ads based on a user profile or other historical usage data, including previous activities, interests, website visits or application usage, location or demographic information.
For selecting personalized ads, vendors may:

Create a personalized content profile (Purpose 5 according to IAB TCF)
Collect information about a user, including their activities, interests, website visits or application usage, demographic information or location, to create or edit a user profile for content personalization.
To create a personalized content profile, vendors may:
Select personalized content (Purpose 6 according to IAB TCF)
Select personalized content based on a user profile or other historical usage data, including previous activities, interests, website visits or application usage, location or demographic information.
To select personalized content, vendors may:
Measure ad performance (Purpose 7 according to IAB TCF)
measure whether and how ads were displayed to a user and how they interacted with them;
provide reports on ads, including their effectiveness and performance;
provide reports on user interaction with ads, based on data measured during the user’s interaction with that ad;
provide reports for service providers on ads displayed on their services;
measure whether an ad is displayed in an inappropriate editorial environment (brand-unsafe);
determine the percentage to which the ad could have been perceived, including duration (advertising perception chance).
To measure ad performance, vendors may:
Measure content performance (Purpose 8 according to IAB TCF)
measure and report how content was delivered to users and how they interacted with it;
provide reports on directly measurable or already known information from users who interacted with the content
To measure content performance, vendors may:
Use market research to gain insights about audiences (Purpose 9 according to IAB TCF)
provide aggregated reports for advertisers or their representatives about the audiences reached by their ads, obtained through survey panels or similar methods;
provide aggregated reports for service providers about the audiences reached by or interacted with content and/or ads on their services, determined through survey panels or similar methods;
for market research purposes, match offline data to an online user to gain insights about audiences, insofar as providers have declared to match and merge offline data sources (Additional Processing Option 1).

Providers cannot:
measure the performance and effectiveness of ads displayed to or interacted with by a specific user without having their own legal basis for measuring ad performance;
measure what content was delivered to a specific user and how they interacted with it without having their own legal basis for measuring content performance
When using market research to gain insights about audiences, providers may:

Develop and improve products (Purpose 10 according to IAB TCF)
use information to improve their existing products through new features and develop new products;
create new computational models and algorithms using machine learning.
To develop and improve products, providers may:
Use limited data to select content (Purpose 11 according to IAB TCF)
The content presented may be based on limited data, such as the website or app used, the imprecise location, device type, or content that users interact with (or have interacted with) (e.g., to limit the number of times a video or article is presented).

These categories of data processing purposes are specified in the wording reproduced here by the rules of IAB TCF2. The data processing activities and data processing purposes are explained in more detail when accessing the „Partners“ tab in the Consent Management Tool, including the storage duration. Some vendors base these data processing activities for the above-mentioned purposes (Purpose 2 to 11) on legitimate interest according to Art. 6 Para. 1 lit. f GDPR (unless „legitimate interest“ has been deactivated by you). The vendors‘ interest consists in delivering advertising, measuring the performance of ads and content, and improving and developing their products. The user is given the option to opt-out directly in the consent dialog.

Some of the services listed in the Consent Management Tool transmit data to the USA. Where this is the case, the transmission is made exclusively based on your consent according to Art. 49 Para. 1 lit. a GDPR. You give your consent through appropriate selection in the Consent Management Tool that is displayed to you when accessing our site.
We point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. There is no general adequacy decision by the EU for data transfers to the USA, nor does the provider process the data according to standard data protection clauses approved by the EU Commission. This means that data transmitted to these providers is not protected according to GDPR standards. The provider is subject to US law and may therefore be required to surrender data to intelligence services if the corresponding legal requirements are met. Risks for data subjects exist particularly through difficult legal enforcement, lack of control over further processing or disclosure of data, and the above-described access by government agencies. Additionally, language barriers can hinder legal enforcement.
Depending on the company, the EU-USA Data Protection Agreement „Data Privacy Framework“ may serve as the basis for data processing, which enables the lawful transmission of personal data to a third country in accordance with European data protection regulations (cf. Art. 45 GDPR). To learn more about the „Data Privacy Framework“ (DPF) and view the list of already DPF-certified companies, please visit https://www.dataprivacyframework.gov/.
ONLY WHEN USING THE TRAFFECTIVE CONSENT MANAGEMENT TOOL:
The Consent Management Tool is provided by Traffective GmbH, Dachauer Str. 90, 80335 Munich. Traffective participates in the IAB Europe Transparency & Consent Framework and works according to its specifications and guidelines. Traffective transmits consent signals via their management platform with identification number 21. The tool uses the following service calls:

URL	Name	Purposes	Personal data processed by third-party service	Transmitted parameters	Storage duration	Legal basis
cdn.opencmp.net	Traffective GmbH Consent Tool	Display of consent – CMP service	Generation of consent string, storage in first-party cookie	trf-euconsent-meta, trf-euconsent-v2, euconsent-v2 trf-euconsent-meta, trf-euconsent-v2, euconsent-v2 trf-euconsent-meta, trf-euconsent-v2, euconsent-v2	365 days	legitimate interest
cdntrf.com	Traffective GmbH	Content Delivery Network – CMP service	Preparation for receiving consent signals, after user action the following local storage entries are set (see transmitted parameters)	Local Storage: pbjs-unifiedid – Example value: %7B%22TDID%22%3A%229b6e3213-da23-4648-b5c7-da8ae209cf1b%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222020-09-13T15%3A56%3A52%22%7D, pbjs-unifiedid_exp: 60 days, prebid.cookieTest:1, pubcid – Example value:43d1d917-7ecd-46cc-875e-83a687b284bd, _pubcid_exp: 365 days.	1 hour	legitimate interest
d2wu036mkcz52n.cloudfront.net	Traffective GmbH Consent Tool	Counting of consent banner – CMP service	pure counting pixel of actions in consent management banner		365 days	legitimate interest

ID5

We use services of the digital advertising platform ID5 with headquarters at 199 Bishopsgate, London EC2M 3TY, United Kingdom. ID5 establishes a unique ID for each visitor, enabling third-party advertisers to target the visitor with relevant advertising and place real-time offers. ID5 collects information such as email address (in pseudonymized form), IP address and/or information about the browser or operating system and uses this to create an ID that can recognize users on their devices. This ID contains no identifiable personal data. We may place this ID in our first-party cookie or use an ID5 cookie and allow it to be used for online advertising. This ID may be shared by us or on our behalf with our advertising partners and other third parties worldwide to enable interest-based content and/or targeted advertising (e.g., web, email, connected devices, in-app advertising, etc.).

Data processing is based on your consent (Art. 6 Para. 1 S. 1 lit. a) GDPR), which can be revoked at any time. Furthermore, there is the possibility of objection if the data is processed based on legitimate interest (Art. 6 Para. 1 S. 1 lit. f) GDPR). A legitimate objection and revocation have no effect on data processing operations that have already taken place. If you do not want tracking via the ID5 ID, please use the opt-out option on the following provider website: https://id5-sync.com/privacy.

The data is processed by ID5 in the United Kingdom, among other places. However, for such data transfer, there is a so-called adequacy decision by the European Commission according to Art. 45 GDPR, ensuring a comparable level of data protection. An adequate level of data protection for transfer to ID5 partners is additionally secured through the conclusion of EU standard contractual clauses.

Further information about ID5 and the technologies and partners used can be found in the provider’s privacy policy: https://www.id5.io/privacy-policy.

Children

Persons under 18 years of age should not transmit personal data to us without consent from parents or legal guardians.

Links to External Offers

We link to websites of other providers not affiliated with us (third parties). When you click these links, we have no further influence on what data these providers collect and use. More detailed information about data collection and use can be found in the privacy policy of the respective provider. Since data collection and processing by third parties is naturally beyond our control, we cannot assume responsibility for this.

Information/Revocation/Deletion

You can contact us free of charge with questions about the collection, processing or use of your personal data and their correction, blocking, deletion or revocation of given consent based on the Federal Data Protection Act. We point out that you have the right to correction of false data or deletion of personal data, provided this claim is not opposed by a legal retention obligation.

Right to Complaint with the Competent Supervisory Authority

In case of data protection violations, the data subject has the right to complain to the competent supervisory authority. The competent supervisory authority for data protection matters is the State Data Protection Officer of the federal state where our company is based (North Rhine-Westphalia). A list of data protection officers and their contact data can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Severability Clause

If parts or individual formulations of this text do not, no longer, or not completely correspond to the applicable legal situation, the remaining parts of the document remain unaffected in their content and validity.