We, mesics GmbH, are pleased that you are visiting our website. The following privacy policy applies to our following pages:

mesics.de
humandatahub.com
labconnector.de

Data protection and data security are very important to us when using our website. We would therefore like to take this opportunity to inform you about which of your personal data we collect when you visit our website and for what purposes it is used.
This data protection declaration on the processing of data informs you about the processing of your personal data (hereinafter referred to as „data“) and your existing data protection rights in this regard. If you have any questions about the content of the privacy policy, you can always contact us at the following address:
datenschutz@mesics.de
This privacy policy applies to all data processing carried out by us, both in the context of the provision of our services and in particular on our websites and external online presences, such as our social media profiles (hereinafter referred to as „online offer“).
Since changes in the law or changes to our internal company processes may make it necessary to adapt this Privacy Policy, we would like to ask you to read this Privacy Policy regularly.

I. Controller
The controller of data processing is:

mesics GmbH
Schreiberstr. 24,
48149 Münster,
Germany

The person authorized to represent the company is the managing director Joachim Magera
E-mail address: jm@mesics.de
Phone: 0049 251 5349973

II. Legal basis for processing
According to Art. 6 para. 1 General Data Protection Regulation („GDPR“), any processing of data requires a legal basis.
Art. 6 (1) (a) GDPR is the legal basis for processing operations in which we obtain consent for a specific processing purpose.
Art. 6 para. 1 lit. b) GDPR is the legal basis for the processing of personal data for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures.
Art. 6 (1) (c) GDPR is the legal basis for the processing of personal data in the event of a legal obligation.
Article 6 (1) (d) GDPR is the legal basis for the processing of personal data when the vital interests of the data subject or another natural person need to be protected.
Article 6 (1) (f) GDPR is the basis for the processing of personal data in the event of a legitimate interest of ours. This is to be assumed when it comes to the conduct of our business activities and if a balancing of interests has shown that the conduct of the business activities outweighs the rights of the data subject.
In addition to the data protection regulations of the GDPR, national regulations on data protection apply. For Germany, this includes in particular the Federal Data Protection Act – BDSG.

III. Rights of data subjects
We take the protection of your personal data seriously and want to protect your rights. We therefore only store your personal data for as long as this is permitted by law for the purposes listed below.
We would like to draw your attention to your rights, in particular the right to

• Information about what data we have stored about you;
• correction, should incorrect data be stored by us despite our efforts to provide correct and up-to-date data;
• Deletion Your data, unless there is an exceptional case that justifies further processing;
• Restriction of processing, if there is a legitimate reason for doing so.
• Objection to data processing;
• a copy of the data and, if applicable, a transfer of the data to other controllers;
• Revocation Your consent with effect for the future, if you have given us consent for the processing of your data.

In all of the above cases, please contact:

mesics GmbH
Schreiberstr.24, 48149 Münster
info@mesics.de 0049 251 5349973

If you have any questions, please feel free to contact us at any time.
If you have reason to complain, you can also contact a supervisory authority. The supervisory authority primarily responsible for us is:

2-4
40213 Düsseldorf
Phone: 0211/38424-0
Fax: 0211/38424-999
E-mail: poststelle@ldi.nrw.de
Fax: 04 31/988-12 23
E-mail: mail@datenschutzzentrum.de
Homepage: https://www.datenschutzzentrum.de

IV. Security measures to protect your data
In order to avoid risks and ensure an adequate level of protection, we take appropriate technical and organisational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the impairment of the rights and freedoms of natural persons.

1. SSL encryption

Your data transmitted as part of the online offer is protected by SSL encryption. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.

2. Transfer of personal data to other entities

In the context of the processing of personal data, it may happen that the data is transmitted to other bodies such as companies, legally independent organizational units or other persons or that they are disclosed to them. The recipients of this data may include, for example, payment institutions in the context of payment transactions, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, for example, conclude appropriate contracts with the recipients of your data to ensure the protection of your data.
V. Processing of personal data

1. Contractual and pre-contractual services

As a customer or user of our online offer (hereinafter referred to as „contractual partner“), we process your data within the framework of contractual and quasi-contractual legal relationships, as well as related measures and in the context of communication with you. We will only pass on your data to third parties within the scope of applicable law to the extent that this is necessary for the aforementioned purposes or to fulfil legal obligations or is done with your consent. We will inform you as a contractual partner which data is required for the aforementioned purposes before or as part of the data collection. However, this regularly includes the following information when ordering software or diagnostic services: first name, last name, email address, telephone number, street, house number, zip code, city, country, date of birth, weight in kilograms, type of sport, area of application, amount of training per week (hours), current sporting performance and personal objectives. If we process your health data within the meaning of Art. 9 GDPR that is necessary for the provision of our services, this will be done on the basis of a consent that we obtain separately from you. After expiry of the statutory warranty and/or comparable periods, we delete the data, unless the data is stored in a customer account and must therefore be retained for archiving for legal reasons (e.g. for tax and accounting purposes for a period of 10 years). Data that has been transmitted to us by you as part of a contractual obligation will generally be deleted after the end of the contract or at the time of fulfilment of all obligations under the contract, unless there is a different statutory provision. If we use third parties to provide our services, please also note their terms and conditions and privacy policies.

2. Data processing in third countries

If your data is processed in a third country, i.e. outside the European Union) and the European Economic Area (EEA), such as in particular in the case of the processing of the data in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only take place in accordance with and in accordance with the legal requirements. We only have the data processed by third parties in third countries on the basis of your express consent or a transfer required by contract or law. To this end, we observe a correspondingly recognised level of data protection. The processing is therefore carried out in particular only on the basis of special guarantees, such as contractual obligations through so-called standard contractual clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (cf. Art. 44 to 49 GDPR). You can find more about this on the EU Commission’s information page:
 https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de.

3. Use of cookies

„Cookies“ are small text files containing data from visited websites or domains that are stored by the browser on the user’s computer in order to obtain information about the use of the online offer offered. The stored information may include, for example, user-defined preferences such as language settings on a website, login status, user IDs or the contents of a shopping cart. Before we process or have data processed with the help of cookies, we ask you for your consent, which can be revoked at any time, in the context of a so-called cookie banner, which is displayed before you use our online offer. Without the declaration of consent, cookies that are absolutely necessary for the operation of our online offer will be used. If you have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a. GDPR, we use cookies to process your usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses). We store these cookies for a maximum period of 2 years.

4. Management of customer and prospect data

We use the ZenDesk online service to organize the information you provide as our customer or prospect. Payment data (e.g. bank details, invoices, payment history) will be transmitted to our contractual partner Shopify in the event of shop use (see 7. Webshop and e-commerce). Our customers are affected by this. The processing takes place within the framework of the fulfilment of contractual services and our customer service. The legal basis for the processing is the fulfilment of the contract and the processing of pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), as well as the legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR). As a service provider for our customer administration, we use the online service „ZenDesk“: The provider of „ZenDesk“ is Zendesk GmbH c/o TaylorWessing – Neue Schönhauser Str. 3-5 – 10178 Berlin – Germany You can find ZenDesk’s imprint at 
https://www.zendesk.de/impressum/
ZenDesk’s privacy policy can be found at
 https://www.zendesk.de/company/agreements-and-terms/privacy-notice/

5. Account

Within our online offer, specifically on our website, you can create a customer account as a contractual partner („customer account“). If the registration of a customer account is required, you as the contractual partner will be informed of this as well as of the information required for registration. The customer accounts are not public and cannot be indexed by search engines. As part of the registration as well as subsequent logins and uses of the customer account, we store the IP addresses as well as the access times in order to be able to trace any misuse of the customer account. If you as a customer have terminated your customer account, the data relating to the customer account will generally be deleted, unless there is a legal obligation to store this data.

6. Economic analyses/market research

We collect data from our contractual partners when using our online offer in order to carry out economic analyses and market research for business reasons. This includes, in particular, data collection with regard to market trends, the wishes of contractual partners and users. The purpose of the analyses is business evaluations, marketing and market research (e.g. to determine customer groups with different characteristics). The analyses are for our sole purpose and will not be disclosed to third parties. In particular, we take into account the privacy of the users and process the data for analysis purposes as pseudonymously as possible and, if actually and technically feasible, anonymously (e.g. as summarized data).

7. Webshop, e-commerce and online payment services

We process your data as a customer in order to enable you to select, purchase or order the selected products, goods and related services, as well as their payment and delivery or execution. We mark the required information as such as part of the order or comparable purchase process. This includes the information required for delivery, provision and invoicing, as well as contact information in order to be able to consult with us if necessary. In this context, in addition to our privacy policy, the privacy policy of the respective platforms applies. This applies in particular with regard to the methods used on the platforms for reach measurement and interest-based marketing.
For this purpose, we process/transmit inventory data (e.g. names, addresses), payment data (e.g. bank details, invoices, payment history), contact data (e.g. e-mail, telephone numbers), contract data (e.g. subject matter of the contract, term, customer category), usage data (e.g. websites visited, interest in content, access times), as well as meta/communication data (e.g. device information, IP addresses) to the service provider. Our customers are affected by this. The processing takes place within the framework of the fulfilment of contractual services and our customer service. The legal basis for the processing is the fulfilment of the contract and the processing of pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), as well as the legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).
We use „shopify“ as a service provider for our e-commerce offering. This is an e-commerce platform and a cloud service provider. The provider of „shopify“ is Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; You can find more about this on the website of „shopify“:
 https://www.shopify.de;
You can find shopify’s privacy policy at: 
https://www.shopify.de/legal/datenschutz.
We use the online payment service „Stripe“ for the processing of offers, invoices and reminders. Stripe is, among other things, a payment processor (embedded finance) based in the USA. The provider is Stripe, Inc., 354 Oyster Point Boulevard, South San Francisco, California, 94080, USA. Stripe’s official website is 
https://stripe.com.
You can find Stripe’s privacy policy here:
 https://stripe.com/de/privacy

8. Provision of the online offer, web hosting and collection of access data and log files

To provide our online offer, we use the services of one or more web hosting providers. When you use our online offer, we collect data. This includes all information that accrues in the course of use and communication as well as every time the server is accessed (so-called „server log files“). The server log files can include the address and name of the websites and files accessed, date and time of access, data volumes transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL and, as a rule, IP addresses and the requesting provider.
The server log files can be used for security purposes, e.g. to avoid overloading the servers (especially in the case of abusive attacks, so-called „DDoS attacks“) and to ensure the load on the servers and their stability. We process content data (e.g. text input, photographs, videos), usage data (e.g. websites visited, interest in content, access times), as well as meta/communication data (e.g. device information, IP addresses). This includes users (e.g. website visitors, users of online services). The legal basis results from the legitimate interest (Art. 6 para. 1 sentence 1 lit. f. GDPR) in the integrity of our server structure and the security of our systems.

9. Contact

In the context of contacting us (e.g. via contact form, e-mail, telephone or via social media), the information of the enquiring persons will be processed, but only to the extent necessary to answer the contact enquiries and any requested measures.
We process inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), as well as content data (e.g. text entries, photographs, videos). Communication partners are particularly affected for the purpose of contact requests and communication. The legal basis for the processing results from the performance of the contract and the processing of pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), as well as the legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR). The response to contact enquiries within the framework of contractual or pre-contractual relationships is carried out in order to fulfil our contractual obligations or to answer (pre-)contractual enquiries and otherwise on the basis of the legitimate interests in answering the enquiries.

10. Newsletter 

Newsletters, e-mails and other electronic notifications (hereinafter referred to as „newsletters“) are only sent with the consent of the recipients or legal permission. If its contents are specifically described in the context of a registration for the newsletter, they are decisive for the consent of the users. Our newsletters contain information about us and our services.
To register for the newsletter, it is generally sufficient to enter your e-mail address. However, we may ask you to provide a name for the purpose of addressing you personally in the newsletter or other information if it is necessary for the purposes of the newsletter.
We use the marketing automation platform „Intuit Mailchimp“ to send newsletters. Mailchimp’s provider is The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA. You can find the privacy policy of „Intuit Mailchimp“ here: 
https://www.intuit.com/privacy/statement/
a. Subscription to the newsletter
Registration for our newsletter is generally carried out in a so-called double opt-in procedure. After subscribing to the newsletter, you will receive an e-mail asking you to confirm your registration. This confirmation is required so that no one can log in with someone else’s email addresses. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the login and confirmation time and the IP address. Changes to your data stored by the shipping service provider will also be logged.
b. Deletion and restriction of processing
For the purpose of proving that you have given your consent, we will store your unsubscribed e-mail address on the basis of a legitimate interest for a period of up to 3 years after you unsubscribe from the newsletter distribution list. The processing of this data is limited to the purpose of a possible defence against claims. However, an individual request for deletion is possible at any time, provided that the previous existence of consent is confirmed at the same time. In the event of obligations to permanently observe contradictions, we reserve the right to store the e-mail address in a blacklist for this purpose alone.
The newsletter is sent on the basis of the consent of the recipients of the newsletter. If a service provider is engaged to send emails, this is done on the basis of our legitimate interests. The newsletter registration procedure is recorded on the basis of our legitimate interests to prove that it has been carried out in accordance with the law.
The newsletters contain a so-called „web beacon“, i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened, or, if we use a shipping service provider, from its server. As part of this retrieval, we or the service provider first collect technical information, such as information about the browser and your system, as well as your IP address and the time of access.
We use this information to improve our newsletter based on the technical data or the target groups and their reading behaviour. This analysis also includes determining whether the newsletters are opened, when they are opened and which links are clicked. The evaluation of the newsletter and the measurement of success are carried out, subject to the express consent of the users, on the basis of our legitimate interests for the purpose of using a user-friendly and secure newsletter system that serves both our business interests and meets the expectations of the users.
Unfortunately, it is not possible to revoke the performance measurement independently. In this case, the entire newsletter subscription must be terminated or objected to.
We process inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), meta/communication data (e.g. device information, IP addresses), as well as usage data (e.g. websites visited, interest in content, access times). This includes communication partners. The processing of the data serves direct marketing (e.g. by e-mail or post) The legal basis is consent (Art. 6 para. 1 sentence 1 lit. a GDPR) or legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).
In addition, we point out the possibility of objection (opt-out). You can cancel the receipt of our newsletter at any time, i.e. revoke your consent, or object to further receipt. You will find a link to unsubscribe from the newsletter either at the end of each newsletter or you can use one of the contact options listed above.
We use the email marketing platform „Mailchimp“ to send our newsletters. The service provider of „Mailchimp“ is Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. For more information, please visit the website: 
https://mailchimp.com. You can find the privacy policy at: https://mailchimp.com/legal/privacy/;

11. Promotional communication

For the purpose of advertising communication, we process data that can be provided via various channels, such as e-mail, telephone, post or fax, in accordance with the legal requirements.
Recipients have the right to revoke their consent at any time or to object to advertising communications at any time.
For the purpose of proving that you have given your consent, we will store your unsubscribed email address on the basis of a legitimate interest for a period of up to 3 years after your withdrawal of consent or your objection. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.
We process inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers) of our communication partners for the purpose of direct marketing (e.g. by e-mail or post) on the legal basis of consent (Art. 6 para. 1 sentence 1 lit. a GDPR), as well as legitimate interest (Art. 6 para. 1 sentence 1 lit. f. GDPR).

12. Optimization of services and web analysis

For the purpose of evaluating the number of visitors to our online offer, we use web analysis (also known as „reach measurement“). For this purpose, the behaviour, interests or demographic information of the visitors, such as age or gender, can be recorded as pseudonymous values. With the help of the reach analysis, we can identify, for example, at what time our online offer or its functions or content are used most frequently or invite reuse. We can also understand which areas of the online offer need to be optimized. In addition to web analysis, we may also use test procedures, e.g. to test and optimize different versions of our online offer or its components.
For this purpose, so-called „user profiles“ can be created and stored in a „cookie“ or used in a similar process with the same purpose. This information may include, for example, content viewed, websites visited and elements used there, and technical information such as the browser used, the computer system used, and information on times of use. If users have consented to the collection of their location data, this may also be processed, depending on the provider.
The IP addresses of the users are also stored. In order to be able to guarantee the protection of users, we use an IP masking procedure (pseudonymization by shortening the IP address). Furthermore, no clear data of users (such as e-mail address or name) is generally stored in the context of web analysis, A/B testing and optimization, but pseudonyms. Neither we nor the providers of the software used for reach measurement know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective procedures.
If we ask you for consent to the use of the third-party providers, the legal basis for the processing of data is consent in accordance with Art. 6 (1) sentence 1 (a) GDPR. Otherwise, the users‘ data will be processed on the basis of our legitimate interests, in this case the interest in efficient, economical and recipient-friendly services.
This affects users (e.g. website visitors, users of online services) for the purpose of reach measurement (e.g. access statistics, recognition of returning visitors), tracking (e.g. interest/behavioural profiling, use of cookies), visit action evaluation, creation of user profiles (profiling). In this respect, you enjoy protection via IP masking (pseudonymization of the IP address). The legal basis for this is consent (Art. 6 para. 1 sentence 1 lit. a GDPR), as well as legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

13. Online marketing

We process personal data for online marketing purposes, which may include, in particular, the marketing of advertising space or the presentation of advertising and other content (collectively referred to as „content“) based on the potential interests of users and the measurement of their effectiveness.
For these purposes, „user profiles“ are created and stored in a „cookie“ or a similar process is used to store the information about the user relevant to the presentation of the aforementioned content. This information may include, for example, content viewed, websites visited, online networks used, but also communication partners and technical information, such as the browser used, the computer system used and information on times of use. If users have consented to the collection of their location data, this can also be processed.
The IP addresses of the users are also stored. In order to be able to guarantee the protection of users, we use an IP masking procedure (pseudonymization by shortening the IP address). In general, no clear data of the users (such as e-mail addresses or names) is stored in the context of the online marketing process, but pseudonyms. Neither we nor the providers of the online marketing procedures know the actual identity of the users, but only the information stored in their profiles.
The information in the profiles is stored in the cookies or by similar methods. In general, these cookies can also be read on other websites that use the same online marketing process and analysed for the purpose of displaying content. In addition, other data can also be supplemented and stored on the server of the online marketing procedure provider.
It should be noted that in exceptional cases, clear data can be assigned to the profiles, e.g. if the users are members of a social network whose online marketing methods we use and the network connects the profiles of the users with the aforementioned information. We ask you to note that users can make additional agreements with the providers, e.g. by giving their consent during registration.
As a matter of principle, we only have access to aggregated information about the success of our advertisements. However, within the framework of so-called conversion measurements, we can check which of our online marketing procedures have led to a so-called conversion (e.g. a conclusion of a contract with us). Unless otherwise stated, we ask you to assume that cookies used will be stored for a period of two years.
The legal basis is generally consent, provided that we ask the users for their consent to the use of the third-party providers. Otherwise, the users‘ data will be processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services).
We use Facebook pixels for online marketing purposes. With the help of the Facebook pixel, Facebook is able to determine the visitors of our online offer as the target group for the display of ads (so-called „Facebook ads“). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those users on Facebook and within the services of the partners cooperating with Facebook (so-called „Audience Network“ https://www.facebook.com/audiencenetwork/ ) who have also shown an interest in our online offer or who have certain characteristics (e.g. interest in certain topics or products that become apparent from the websites visited) that we transmit to Facebook (so-called „Custom Audiences“). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not have a harassing effect. The Facebook pixel also allows us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called „conversion measurement“).
In doing so, we process usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), as well as location data (data indicating the location of an end user’s device) for the purpose of tracking (e.g. interest/behavioural profiling, use of cookies), remarketing, visitation action, interest-based and behavioral marketing, creation of user profiles (profiling), conversion measurement, reach measurement (e.g. access statistics, recognition of returning visitors), target group formation (determination of target groups relevant for marketing purposes or other output of content), cross-device tracking (cross-device processing of user data for marketing purposes). You will be protected by IP masking (pseudonymization of the IP address). The legal basis for this is consent (Art. 6 para. 1 sentence 1 lit. a GDPR), as well as legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).
We would also like to draw your attention to your opt-out option. In doing so, we refer to the data protection information of the respective providers and the options for objection to the providers (so-called „opt-out“). Unless an explicit opt-out option has been specified, there is the possibility that you can switch off cookies in the settings of your browser. However, this may limit the functions of our online offer. We therefore also recommend the following opt-out options, which are offered collectively for the respective territories: a) Europe: https://www.youronlinechoices.eu. b) Canada: https://www.youradchoices.ca/choices. c) USA: https://www.aboutads.info/choices. d) Cross-territorial: https://optout.aboutads.info.
We use the following service providers in the context of online marketing:
We use „Google Analytics“ for online marketing and web analysis purposes The service provider of Google Analytics is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; For more information, please visit the website: https://marketingplatform.google.com/intl/de/about/analytics/, as well as the privacy policy: https://policies.google.com/privacy; Opt-out: Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertisements: https://adssettings.google.com/authenticated.
We use Facebook pixels. The service provider of Facebook pixel is https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; You can find more information on the website: https://www.facebook.com, as well as the privacy policy https://www.facebook.com/about/privacy; Opt-out: https://www.facebook.com/settings?tab=ads.

14. Social Media

As part of our online offering, we use social media platforms to communicate with the users active there or to offer information about us.
User data may be processed outside the area of the European Union. This can result in risks for users, for example, because it could make it more difficult to enforce the rights of users.
As a rule, user data is processed within social networks for market research and advertising purposes. For example, usage profiles can be created based on the user behavior and the resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements inside and outside the networks that presumably correspond to the interests of the users. In principle, cookies are stored on the users‘ computers, in which the user’s usage behaviour and interests are stored. In doing so, data may also be stored in the user profiles regardless of the devices used by the users, in particular if the users are members of the respective platforms and are logged in to them.
For a detailed description of the respective forms of processing, the options for objection (opt-out) and further information, please inquire directly with the operators of the respective social networks.
In connection with social media, we process inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), as well as meta/communication data (e.g. device information, IP addresses) of users (e.g. website visitors, users of online services) for the purpose of contact requests and communication, tracking (e.g. interest/behavioural profiling, use of cookies), remarketing and reach measurement (e.g. access statistics, recognition of returning visitors). The legal basis for this is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f. GDPR) to present information about ourselves and our company and to derive from this what business advantages we can derive from it.
We use the following social networks:
We use the social network „Instagram“. You can find more information on the https://www.instagram.com website and in the privacy policy https://instagram.com/about/legal/privacy.
We use the social network „Facebook“. The service provider is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA. You can find more information on the 
website https://www.facebook.com, as well as the privacy policy: https://www.facebook.com/about/privacyYou can find the opt-out option for advertising settings on https://www.facebook.com/settings?tab=ads;. Additional privacy notices, such as the agreement on the joint processing of personal data on Facebook Pages, can be found on https://www.facebook.com/legal/terms/page_controller_addendum, and additional privacy notices for Facebook Pages can be found on https://www.facebook.com/legal/terms/information_about_page_insights_data.
We use the social network „YouTube“. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, as well as https://policies.google.com/privacy in the Privacy Policy; Opt-out: https://adssettings.google.com/authenticated.

15. Anti-spam tool

To avoid and prevent spam, we use the tool „Antispam Bee“ by Sergej Müller and the so-called „plugin collective“. The provider assures that the tool is 100% GDPR-compliant and does not process any personal data. Exceptionally, Antispam Bee may send your IP address to a public spam database for spam scanning. In addition, there is the possibility that your IP address will be sent to the servers of the operating company to determine the country affiliation in order to allow or block comments from certain countries.
If we ask users for their consent to the use of the third-party service providers, the legal basis for processing data is consent. Otherwise, the users‘ data will be processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services).
The tool is offered by the „plugin collective“. You can find more information here: https://pluginkollektiv.org/ and on the website of the WordPress operator: https://wordpress.org/plugins/antispam-bee/.
The operator of WordPress is Automattic Inc., 132 Hawthorne Street, San Francisco, CA 94107, USA. The operating company uses the tracking technology of Quantcast Inc., 201 Third Street, San Francisco, CA 94103, USA.

16. Plugins/embedded functions and content

Our online offer integrates functional and content elements that are obtained from the servers of the respective providers (hereinafter referred to as „third-party providers“). This can be, for example, graphics, videos or social media buttons as well as posts (hereinafter „Content“).
For this purpose, the third-party content providers process the IP address of the users, as without the IP address they would not be able to send the content to their browser. The IP address is therefore required for the display of this content. Third-party vendors may also use pixel tags (invisible graphics, also known as „web beacons“) for statistical or marketing purposes. The „pixel tags“ can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and the operating system, referring websites, the time of visit and other information about the use of our online offer, as well as be linked to such information from other sources.
If we ask users for their consent to the use of the third-party service providers, the legal basis for processing data is consent. Otherwise, the users‘ data will be processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services).
We process usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos) of users (e.g. website visitors, users of online services) for the provision of our online offer and user-friendliness, as well as the fulfilment of contractual services and the Providing service, security measures, management and responding to requests. This is based on the legal basis of legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR), consent (Art. 6 para. 1 sentence 1 lit. a GDPR), as well as the fulfilment of the contract and the handling of pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR).
We use the following external services:
We integrate the „ReCaptcha“ function to detect bots, e.g. when entering online forms. The behavior of the users (e.g. mouse movements or queries) is evaluated in order to be able to distinguish humans from bots. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; You can find more information on https://www.google.com/recaptcha/; as well as in the privacy policy on https://policies.google.com/privacy; Opt-out: Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertisements: https://adssettings.google.com/authenticated.
We also use „YouTube videos“. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; You can find more information on https://www.youtube.com; as well as in the privacy policy: https://policies.google.com/privacy. You can find the opt-out option using the opt-out plugin on https://tools.google.com/dlpage/gaoptout?hl=de, and you can find more settings for the display of ads on https://adssettings.google.com/authenticated.
VI. Deletion of data
We delete the data we process in accordance with the legal requirements as soon as the consent given to the processing is revoked or other justifications no longer apply (e.g. if the purpose of the processing of this data has ceased to exist or it is not necessary for the purpose).
If the data is not deleted because it is necessary for other and legally permissible purposes, it will be limited to the extent that the data is blocked and cannot be processed for other purposes. This applies in particular to data that must be retained for commercial or tax law reasons or the storage of which is necessary for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person.