Data Policy

1. General

With the following information, you will get an overview of what happens with your personal data when you visit our website or use services via the website. Personal data are all data with which you can be personally identified. We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. Detailed information on the subject of data protection can be found in our privacy policy listed under this text.

The data processing on this website is carried out by RiskCube GbR, Lothstraße 21, 80797 Munich. Our contact details can be found in the imprint of this website at www.riskcube.ai.

Your data may be collected in two ways: by you providing it to us or automatically through IT systems when you visit the website. This can include data you enter in a contact form or technical data (e.g., internet browser, operating system, or time of page access). This data collection happens automatically as soon as you enter our website. Some of the data is collected to ensure error-free provision of our website. Other data can be used to analyze your user behavior.

You have the right to receive information about the origin, recipient, and purpose of your stored personal data at any time free of charge. You also have the right to request the correction, blocking, or deletion of this data. Details can be found in this privacy policy. For these purposes, as well as for further questions about data protection, you can contact us at any time at the address provided in the imprint. Additionally, you have the right to file a complaint with the competent supervisory authority, the Bavarian State Office for Data Protection Supervision (www.lda.bayern.de).

When visiting our website, your surfing behavior can be statistically evaluated. This is mainly done with cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy. You have the option to object to this analysis. We will inform you about the objection options in this privacy policy.

The responsible entity for data processing on our website is: www.riskcube.ai

RiskCube, GbRLothstr. 2180797, Munich

Email: info@riskcube.ai

The responsible entity is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

‍

2. Contact Details

The protection of your personal data is of utmost importance to us. Please contact our data protection officer for any questions related to data protection and data security:

Andrei Craciunescu
RiskCube GbR
Lothstr. 21
80797 Munich
Email Address: info@riskcube.ai

3. Data Collection

3.1. General Data Collection:

When you access our website, your web browser transmits usage data to our web server. This is the only way our web server can present the website to your web browser. These usage data are present in the HTTP/S header, are automatically sent by you, and are used during the duration of the page access.

The usage data include, among other things:

• the name of the accessed website or file
• the date and time of the access
• the time zone difference from Greenwich Mean Time (GMT)
• the amount of data transferred
• a message about the successful retrieval (access status/HTTP status code)
• the browser type, including version and language, and the operating system
• the referrer URL (previously visited page)
• the IP address and requesting provider

The aforementioned data serve the purpose of establishing the technical connection of the website, evaluating system security and stability, and for administrative purposes.

The legal basis for this data processing is Article 6(1)(f) of the GDPR. Our legitimate interest is derived from the purposes listed above for data collection. The collected data is not used to draw conclusions about your person.

3.2. Data Collection via the Website/Applicant Procedure:

If you make an inquiry as part of a contractual relationship or to initiate a contract, the data processing is carried out under Article 6(1)(b) of the GDPR. In all other cases, we process your data based on your consent according to Article 6(1)(a) of the GDPR.

You can contact us through our website or contact form, as well as by phone, fax, email, or other communication methods. Providing your information is voluntary. Along with your voluntary information, we also process the time of the inquiry and, for technical reasons, your usage data related to the communication method, such as phone number or email address.

The collected data is used for individual communication with you, for initiating or executing a contract. The personal data collected by us through the contact form will be deleted after the completion of your inquiry, and at the latest after the expiration of the legal retention periods.

We also collect and process personal data from applicants for the purpose of conducting application procedures. You can find the individual data on the application form. The basis for data processing is Article 6(1)(b) of the GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

The collected customer data will be deleted either after the completion of the order or after the end of the business relationship. Statutory retention periods remain unaffected.

We point out that communication via email may have security vulnerabilities despite extensive technical and organizational measures. If you wish to transmit confidential information, we recommend using encrypted transmission.

3.3. Data Shared with Third Parties

We would like to point out that we may transmit your contact data to our contract partners, for example, if you have made an inquiry to us.

We share personal data with service providers who perform services on our behalf according to our instructions. We allow these providers to use or disclose the data only to the extent necessary for providing the services on our behalf or to comply with legal requirements.

We may also disclose your personal data as follows:

• to subsidiaries and affiliated companies;
• if you are an applicant or interested party, to customers with open positions or projects;
• to other parties, such as subcontractors, with whom we work to find a suitable position for you.

Additionally, we are required to disclose your personal data if this is legally or legally required, for example, to law enforcement authorities.

We may also transfer personal data to recipients in countries other than the original country of data collection. These countries may not have the same data protection laws as Germany. If we transfer data to other countries, we protect this data as described in this privacy policy. The countries to which we transfer personal data may also be outside the European Union. To ensure a high level of data protection within the European Union, we only allow data processing in a third country if the specific conditions of Articles 44 et seq. of the GDPR are met. This means that the processing of your data may only occur based on specific guarantees.

Further transmission of the data will not occur unless you have expressly consented to it. We do not share your data with third parties without explicit consent, such as for advertising purposes.

The basis for data processing is Article 6(1)(b) of the GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

The collected customer data will be deleted either after the completion of the order or after the end of the business relationship. Statutory retention periods remain unaffected.

3.4. Cookies

Our website uses so-called cookies. Cookies are small text files that are stored on your computer and saved by your browser. Cookies do not cause any harm to your computer and do not contain viruses. Cookies help make our offer more user-friendly, effective, and secure. Most of the cookies we use are session cookies. They are automatically deleted after your visit. Other cookies remain on your device until you delete them. These cookies allow us to recognize your browser on your next visit. You can configure your browser to inform you about the setting of cookies and to allow cookies only on a case-by-case basis, exclude the acceptance of cookies for certain cases or generally, and activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.

Cookies that are necessary for the execution of electronic communication processes or for providing certain, requested functions are stored based on Article 6(1)(f) of the GDPR. As advertisers, we have a legitimate interest in storing cookies for technically error-free and optimized service provision. As for other cookies (e.g., cookies for analyzing your surfing behavior), these are handled separately in this privacy policy.

The legal basis for the processing of your personal data in connection with the use of cookies and similar technologies for the purpose of comfort improvement, website optimization, and user behavior analysis is your consent according to Article 6(1)(a) of the GDPR. By clicking the “Accept Cookies” button, you consent to whether you accept only necessary cookies or additional cookies, so we can process your website and device cross-server behavior for comfort improvement, website optimization, user behavior analysis, and delivering personalized advertising. Please note that the United States (USA) is considered a third country with an inadequate level of protection for your personal data. For example, US authorities can access your data stored by our service providers without specific cause and without judicial authorization. This consent is voluntary and not necessary for the use of our websites. Within the privacy policy, you can deactivate individual cookie categories and thus withdraw your consent at any time with effect for the future. The setting of so-called “technically necessary cookies,” which simplify the use of our websites and mobile apps and enable some functionalities of our websites, is mandatory and does not require consent.

You can change your cookie settings through our website via the “Cookie Settings” link.

3.5. Contact Form

When you send us inquiries via the contact form, your information from the form, including the contact details you provide, will be stored by us for processing the inquiry and in case of follow-up questions. The processing of this data is based on Article 6(1)(b) of the GDPR, if your inquiry is related to the fulfillment of a contract or necessary for pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively processing inquiries directed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR) if it was requested; consent can be withdrawn at any time. The data you provide in the contact form will remain with us until you request deletion, withdraw your consent to storage, or the purpose for storing the data no longer applies (e.g., after processing your inquiry). Mandatory statutory provisions—particularly retention periods—remain unaffected.

3.6. Inquiries via Email, Phone, or Fax

If you contact us via email, phone, or fax, your inquiry, including all personal data you provide (name, inquiry), will be stored and processed by us for the purpose of addressing your concerns. The processing of this data is based on Article 6(1)(b) of the GDPR, if your inquiry is related to the fulfillment of a contract or necessary for pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively addressing inquiries directed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR) if it was requested; consent can be withdrawn at any time. The data you send us through contact inquiries will remain with us until you request deletion, withdraw your consent to storage, or the purpose for storing the data no longer applies (e.g., after processing your concern). Mandatory statutory provisions—especially statutory retention periods—remain unaffected.

3.7. Newsletter

We use SendinBlue for newsletter distribution. The provider in Germany is SendinBlue GmbH, Köpenicker Straße 126, 10179 Berlin. SendinBlue is a service that organizes and analyzes newsletter distribution. The data you provide for receiving the newsletter (e.g., email address) will be stored on SendinBlue's servers. Our newsletters sent via SendinBlue allow us to analyze the behavior of newsletter recipients. This includes analyzing how many recipients have opened the newsletter and how often each link in the newsletter was clicked. All links in the email are tracking links that can count your clicks. If you do not wish to be analyzed, you must unsubscribe from the newsletter. We provide a corresponding link in each newsletter for this purpose. Furthermore, you can also withdraw your consent at any time with future effect by email to the address provided in this statement (see above). The data you have provided for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from both our servers and SendinBlue’s servers after unsubscribing. Data that was stored with us for other purposes (e.g., email addresses for sweepstakes) remains unaffected. For more information, please refer to SendinBlue’s privacy policy at: de.sendinblue.com/legal/privacypolicy/. We have concluded a corresponding contract with SendinBlue in which we obligate SendinBlue to protect our customers' data and not to pass it on to third parties. Your email address will only be used by us or our service providers and not passed on to any third parties. The legal basis for processing for newsletter distribution is Art. 6 para. 1 lit. a) GDPR.

3.8. Social Plugins

On our website, we use so-called "social plugins". Currently, this includes the LinkedIn button. Through these plugins, data, whether personal data, can be sent to the respective service providers outside of Germany or Europe and possibly used by them. Your personal data will only be transmitted if you click on the icon and thus the so-called social plugin. Therefore, you have full control over the transmission of your personal data. The "social plugin" remains active until you deactivate it with another click. The legal basis for processing your personal data through so-called "social plugins" such as LinkedIn is your expressed consent according to Art. 6 para. 1 lit. a) GDPR. The purpose of processing your personal data in the context of sharing and recommending offers on our website is to promote our offers within your contact network.

3.9. Facebook, Twitter, LinkedIn, Xing, Instagram

3.9.1. Facebook

To present our offers, we use the services of Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland. Please note that you use the Facebook page and its features at your own risk. This applies particularly to functions such as commenting, sharing, and rating. Facebook processes personal data related to your account, your IP address, and the devices you use; cookies are used for data collection. Cookies are small files placed on your devices. What information Facebook receives and how it is used is described in general terms in Facebook's data use policy. You can also find information about contact options to Facebook, objection possibilities, and settings for advertising. The data use policy is available at the following link: Facebook Data Use Policy. The complete data policy of Facebook can be found here: Facebook Full Data Use Policy. Facebook may use the information to provide us, as the operator of the Facebook pages, with statistical information such as gender and age distribution regarding the use of the Facebook page. Furthermore, Facebook may show you additional information or advertisements according to your preferences. More information can be found at: Facebook Pages Insights. The data collected in this context is processed by Facebook Ltd. and may be transferred to countries outside the European Union. When you visit one of our social media appearances (e.g., Facebook), visiting such a site triggers processing of your personal data. In this case, we, together with the operator of the respective social network, are responsible for the data processing operations according to Art. 26 GDPR, if we actually make a joint decision with the operator of the social network about data processing and also have an influence on data processing. As far as possible, we have entered into agreements with the operators of social networks on joint responsibility according to Art. 26 GDPR, such as the Page Controller Addendum with Facebook Ireland Ltd. Your rights (right to information according to Art. 15 GDPR, right to rectification according to Art. 16 GDPR, right to deletion according to Art. 17 GDPR, right to restriction of processing according to Art. 18 GDPR, right to data portability according to Art. 20 GDPR, and right to complain according to Art. 77 GDPR) can be asserted both against us and against the operator of the respective social network (e.g., Facebook). Please note that despite the joint responsibility according to Art. 26 GDPR with the operators of social networks, we do not have full control over the data processing of the individual social networks. The corporate policy of the respective provider significantly influences our options. In the case of asserting rights of the data subjects, we may only forward these requests to the operator of the social network. The extent to which Facebook uses data from the visit to Facebook pages for its own purposes, the extent to which activities on the Facebook page are assigned to individual users, how long Facebook stores this data, and whether data from a visit to the Facebook page is shared with third parties is not conclusively and clearly stated by Facebook and is not known to us. When accessing a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to Facebook, this IP address is anonymized (for "German" IP addresses) and deleted after 90 days. Facebook also stores information about users' devices (e.g., as part of the "Login Notification" function); Facebook may thus be able to associate IP addresses with individual users. If you are currently logged in to Facebook, a cookie with your Facebook ID is on your device. This allows Facebook to track that you visited this page and how you used it. This also applies to all other Facebook pages. Through embedded Facebook buttons on websites, Facebook can track your visits to these websites and assign them to your Facebook profile. Based on this data, content or advertisements can be tailored to you. If you wish to avoid this, you should log out of Facebook or disable the "stay logged in" function, delete the cookies on your device, and close and restart your browser. This way, Facebook information that directly identifies you will be deleted. You can use our Facebook page without revealing your Facebook ID. When you access interactive features of the page (like, comment, share, messages, etc.), a Facebook login screen will appear. After logging in, you are again recognizable to Facebook as a specific user. Alternatively, you can use a different browser for visiting our Facebook page. Information on how to manage or delete your information can be found on the following Facebook support pages: Facebook Privacy Help. We, as the provider of the information service, do not collect or process any data from your use of our service. You can find this privacy statement in its current version under the "Data Policy" section on our Facebook page.

3.9.2. Twitter

To utilize our services, we use the microblogging service of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The data processing for individuals residing outside the United States is the responsibility of Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland. Please note that you use the offered Twitter microblogging service and its features at your own risk. This applies particularly to functions such as sharing or rating. Information on what data Twitter processes and for what purposes can be found in Twitter’s privacy policy at Twitter Privacy Policy. The information collected by cookies from this provider is generally sent to a server in the USA and stored there. In the case of data transfer to the USA, the data transfer is based on the existence of standard contractual clauses. We have no influence over the nature and extent of the data processed by Twitter, how the data is processed and used, or its disclosure to third parties. By using Twitter, your personal data is collected, transmitted, stored, disclosed, and used by Twitter Inc. independently of your residence, and is transferred and stored in the United States, Ireland, and any other country where Twitter Inc. operates. Twitter processes voluntarily provided data such as name and username, email address, phone number, or contacts from your address book if you upload or synchronize it. Additionally, Twitter analyzes shared content to determine your interests, stores and processes confidential messages sent directly to other users, and can determine your location based on GPS data, wireless network information, or your IP address to deliver advertisements or other content. Twitter Inc. may use analysis tools such as Twitter or Google Analytics. We have no control over the use of such tools by Twitter Inc. and have not been informed of any potential use. If such tools are used by Twitter Inc. for our account, we neither commissioned nor agreed to it, nor supported it in any way. We are not provided with data obtained from such analyses. Only certain non-personal information about tweet activity, such as the number of profile or link clicks from a specific tweet, is visible to us through their account. We also have no way to prevent or disable the use of such tools on their Twitter account. Twitter also receives information when, for example, you view content, even if you do not have an account. These so-called "log data" may include the IP address, browser type, operating system, information about the previously visited website, and the pages you visited, your location, mobile service provider, device used (including device ID and application ID), search terms used, and cookie information. Through embedded Twitter buttons or widgets on websites and the use of cookies, Twitter can track your visits to these websites and link them to your Twitter profile. Based on this data, content or advertisements can be tailored to you. Since Twitter Inc. is a non-European provider with a European branch only in Ireland, it is not bound by German data protection regulations. This affects, for example, your rights to information, blocking, or deletion of data, or the ability to object to the use of usage data for advertising purposes.

You can limit the processing of your data through the general settings of your Twitter account and under "Privacy and Security." Additionally, on mobile devices (smartphones, tablets), you can restrict Twitter’s access to contact and calendar data, photos, location data, etc., depending on the operating system used. More information on these points can be found on the following Twitter support pages:

• Twitter Support
• Twitter Privacy Help

Information on viewing your data on Twitter can be found here: Your Twitter DataInformation on existing personalization and privacy settings can be found here (with further references): Twitter Personalization

You also have the option to request information through the Twitter privacy form or the archive requests:

• Twitter Privacy Form
• Archive Requests

We also process your data. Although you do not directly collect data through your Twitter account, the data you enter on Twitter, such as your username and content published under your account, is processed by us to the extent that we may retweet or reply to your tweets or create tweets referencing your account. The data you freely publish and distribute on Twitter is thus incorporated into our service and made available to our followers.

‍

3.9.3. LinkedIn

To utilize our services, we use the services of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. Please note that you use this LinkedIn page and its features at your own risk. This applies particularly to features such as commenting or rating. Information on what data LinkedIn processes and for what purposes can be found in LinkedIn’s privacy policy: LinkedIn Privacy Policy. When you visit our LinkedIn company page, LinkedIn collects your IP address and other information that may be stored in cookies on your computer. This information is used to provide us, as the operator of the LinkedIn pages, with statistical information about the use of the LinkedIn page. The data collected in this context is processed by LinkedIn Ireland Unlimited Company and may be transferred to countries outside the European Union (LinkedIn Data Transfer). LinkedIn describes in general terms in its privacy policy what information LinkedIn receives and how it is used. It also provides information on how to contact LinkedIn. The extent to which LinkedIn uses data from visiting LinkedIn pages for its own purposes, how activities on the LinkedIn page are assigned to individual users, how long LinkedIn stores this data, and whether data from visiting the LinkedIn page is shared with third parties is not clearly specified by LinkedIn and is not known to us. As the provider of a LinkedIn company page, we do not collect or process any data from your use of our service.

3.9.4. Xing

XING is a social network operated by XING SE, Hamburg. On this platform, members primarily manage their professional and personal contacts and make new connections. Companies and organizations can also create pages with logos and short profiles, post news, and initiate discussion groups. To use the page, a personal profile with administrator rights must be assigned to the company profile. Dialogue in groups can only be done through a personal profile. To use network functions, you need to register as a user. More information is available from XING at XING Corporate. Current information on data protection can be read at XING Privacy Policy. We do not collect or process any personal data through XING.

3.9.5. Instagram

To use our services, we use the services of Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. Please note that you use our Instagram page and its features at your own risk. This applies particularly to features such as commenting or rating. When you visit our Instagram page, Instagram collects your IP address and other information stored in cookies on your computer. This information is used to provide us, as the operator of the Instagram pages, with statistical information about the use of the Instagram page. The data collected in this context is processed by Instagram Inc. and may be transferred to countries outside the European Union. Instagram describes in general terms in its privacy policy what information Instagram receives and how it is used. It also provides information on how to contact Instagram and settings for advertising. The privacy policy can be found at: Instagram Privacy Policy. The extent to which Instagram uses data from visiting Instagram pages for its own purposes, how activities on the Instagram page are assigned to individual users, how long Instagram stores this data, and whether data from visiting the Instagram page is shared with third parties is not clearly specified by Instagram and is not known to us. When accessing an Instagram page, the IP address assigned to your device is transmitted to Instagram. According to Instagram, this IP address is anonymized (for "German" IP addresses) and deleted after 90 days. Instagram also stores information about users’ devices (e.g., as part of the “Login Notification” function); Instagram may therefore be able to associate IP addresses with individual users. If you are currently logged into Instagram, a cookie with your Instagram ID is on your device. This allows Instagram to track that you visited this page and how you used it. This applies also to all other Instagram pages. Through embedded Instagram buttons on websites, Instagram can track your visits to these websites and assign them to your Instagram profile. Based on this data, content or advertisements can be tailored to you. If you want to avoid this, you should log out of Instagram or disable the "stay logged in" function, delete cookies on your device, and close and restart your browser. This will delete Instagram information that directly identifies you. You can use our Instagram page without revealing your Instagram ID. When you access interactive features of the page (like, comment, share, messages, etc.), an Instagram login screen will appear. After logging in, you will be recognizable to Instagram as a specific user. Information on how to manage or delete information about you can be found on the following Instagram page: Instagram Safety. As the provider of the information service, we do not collect or process any data from your use of our service.

3.9.6. YouTube

We have embedded YouTube videos in our online offering that are stored on youtube.com and playable directly from our website. Generally, when a page with embedded videos is accessed, your IP address is sent to YouTube and cookies are installed on your computer. However, we have embedded our videos in "extended data protection mode", meaning no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you click to play the video are the following data transmitted:

• IP address
• Date and time of the request
• Time zone difference from Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status/HTTP status code
• Amount of data transmitted
• Website from which the request comes
• Browser
• Operating system and its interface
• Language and version of the browser software
• Hardware used (PC, smartphone, etc.)
• Location (if Google Maps is activated)

We have no influence over this data transmission. By visiting our website and playing the videos, YouTube receives the information that you have accessed the corresponding subpage of our website. If you are logged into Google, this data is directly associated with your account. If you do not want this association with your YouTube profile, you must log out before activating the button. Additionally, YouTube also stores data if you do not have a Google user account, specifically: IP address, search queries, browser, and operating system version. YouTube/Google stores this data as usage profiles and uses it for advertising, market research, and/or designing its website to meet users’ needs. Such analysis is done particularly (even for users who are not logged in or do not have a corresponding account) to deliver targeted advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles; to exercise this right, you must contact YouTube. Information from the third party: YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA: YouTube Privacy and Google Privacy Policy. The information collected by cookies from this provider is generally sent to a server in the USA and stored there. In the case of data transfer to the USA, the data transfer is based on the existence of standard contractual clauses. We do not collect or process any personal data through YouTube. The transfer of personal data by Google, particularly to third countries, is outside of our responsibility.

3.9.7. TikTok Pixel

We use the TikTok Pixel service on our website. This service is offered for users with permanent residence in the Federal Republic of Germany and Austria by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380 Ireland. Please note that TikTok also processes data from you in the USA. We have no influence over TikTok’s processing of this data. TikTok states that it uses standard contractual clauses to ensure European data protection standards are maintained during processing. Information on these clauses can be found at: TikTok Privacy Policy.

3.10. WP Statistics

We use the WP Statistics service on our website. This service is provided by Veronalabs (5460 W Main St, Verona, NY 13478, United States). Through this service, we obtain basic statistics about how you, as a user, interact with our website. It is an analytics software specifically developed for websites and utilizes the WordPress content management system. WP Statistics can collect data on how long you stay on our website, which subpages you visit, how many visitors are on the website, or from which website you came to us. WP Statistics does not set cookies, and the collected data cannot identify you as an individual. WP Statistics also anonymizes your IP address.

WP Statistics collects visitor data when your web browser connects to our web server. This data is stored in our database on our server. This includes, for example:

• The address (URL) of the accessed website
• Browser and browser version
• The operating system used
• The address (URL) of the previously visited page (Referrer URL)
• The hostname and IP address of the device from which access is made
• Date and time
• Information about country/city
• Number of visitors coming from a search engine
• Duration of the website visit
• Clicks on the website

This data is not shared or sold. All data is stored locally on our web server. The data is retained as long as necessary to meet the purposes of making our website more interesting and better suited to your needs. You have the right at any time to request information, correction, deletion, or restriction of the processing of your personal data. You can also withdraw your consent for data processing at any time. The use of WP Statistics requires your consent, which we have obtained through our cookie popup. In addition to consent according to Art. 6 para. 1 lit. a) GDPR, we also have a legitimate interest in analyzing the behavior of visitors to our website to continuously improve the offer according to Art. 6 para. 1 lit. f) GDPR.

Please note that data processing is primarily carried out by WP Statistics, and we do not have detailed control over this processing. If you want to learn more about WP Statistics, please refer to the company's privacy policy at WP Statistics Privacy Policy.

4. Newsletter

If you wish to subscribe to the newsletter offered on the website, we require an email address and information that allows us to verify that you are the owner of the provided email address and that you agree to receive the newsletter. Additional data will only be collected on a voluntary basis. We use this data exclusively for sending the requested information and do not share it with third parties.

The processing of the data entered in the newsletter registration form is based solely on your consent (Art. 6 para. 1 lit. a) GDPR). You can withdraw your consent for storing the data, the email address, and its use for sending the newsletter at any time, for example, via the "unsubscribe" link in the newsletter. The legality of data processing that has already occurred remains unaffected by the withdrawal.

The data you provided for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after the newsletter subscription is canceled. Data stored for other purposes with us (e.g., email addresses for the customer area) remain unaffected by this.

5. Your Rights

The legal requirements provide you with the following rights:

5.1. Right to Information (Art. 12-15 GDPR)
You have the right to know whether and which of your personal data we process. You are entitled to the following information:

• The purposes of processing;
• The categories of personal data that are processed;
• The recipients or categories of recipients to whom the personal data has been disclosed or will be disclosed, especially recipients in third countries or international organizations;
• The planned duration for which the personal data will be stored or, if that is not possible, the criteria for determining this duration;
• The existence of the right to correction or deletion of the personal data concerning you or to restriction of processing by the controller or of the right to object to such processing;
• The existence of a right to lodge a complaint with a supervisory authority;
• If the personal data has not been collected from the data subject, all available information about the source of the data;
• The existence of automated decision-making, including profiling, according to Article 22 paragraphs 1 and 4 GDPR.
  If personal data is transferred to a third country or an international organization, you also have the right to be informed about the appropriate safeguards according to Article 46 GDPR related to the transfer.

Upon request and provided that the rights and freedoms of other persons are not impaired, we will provide a copy of the personal data being processed. For all additional copies you request, we may charge a reasonable fee based on administrative costs.

5.2. Right to Rectification/Completion (Art. 16 GDPR)
You have the right to rectification and/or completion if your personal data processed by us is inaccurate or incomplete.

5.3. Right to Erasure ("Right to be Forgotten") (Art. 17 GDPR)
You have the right to erasure if:

1. We no longer need your personal data for its original purpose;
2. You withdraw your consent and there is no other legal basis for processing your personal data;
3. You object to the processing of your personal data and there are no overriding legitimate grounds for the processing;
4. The processing of your personal data is unlawful;
5. The erasure of your personal data is required by law;
6. Your personal data was collected in relation to offered services of the information society according to Art. 8 GDPR.

5.4. Right to Restriction of Processing (Art. 18 GDPR)
You have the right to restriction of processing if:

1. The accuracy of your personal data processed by us is contested;
2. The processing of your personal data is unlawful;
3. We no longer need your personal data for legal purposes;
4. You have objected to the processing of your personal data and we are evaluating this objection.

5.5. Right to Notification (Art. 19 GDPR)
If you have exercised your right to rectification, erasure, or restriction of processing, we will inform all recipients of your personal data of this rectification, deletion, or restriction of processing unless this proves impossible or involves a disproportionate effort. If you wish, we will inform you of these recipients.

5.6. Right to Data Portability (Art. 20 GDPR)
You have the right to receive your personal data processed by us based on consent or for contract execution in a structured, commonly used, and machine-readable format, and to transmit it to another controller without hindrance from the controller to whom the personal data was provided, provided that the processing is based on consent or a contract according to Art. 6 para. 1 lit. b) GDPR and the processing is carried out by automated means.

5.7. Right to Object (Art. 21 GDPR)
You have the right to object to the processing of your personal data for reasons related to your particular situation. In this case, we will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing.

5.8. Right to Withdraw Consent (Art. 7 para. 3 GDPR)
You have the right to withdraw any consent given to us at any time. The withdrawal of consent does not affect the legality of the processing based on consent before its withdrawal.

5.9. Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR)
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the competent supervisory authority if you believe that the processing of your personal data by us is in violation of the GDPR.
The competent supervisory authority for us is the
Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach

‍