Privacy Policy

Privacy Policy Wedolo

Updated: 24.10.2023

Thank you for your interest in Wedolo. Wedolo Betriebsgesellschaft mbH (hereinafter “we/us”) operates an internet-based platform for companies in the logistics and freight forwarding industry (hereinafter “platform”) under the websites “wedolo.de” and “my.wedolo.de” as well as the mobile application “Wedolo Driver App” (hereinafter “app”). On the Platform, we offer users numerous services and information on our forwarding and logistics-related products and offers.

The online platform bundles the offers of the Bundesverband für Güterkraftverkehr Logistik und Entsorgung (BGL) e.V. (Federal Association for Road Haulage, Logistics and Disposal) and the other organizations (Link) , the KRAVAG-Sach Versicherung des Deutschen Kraftverkehrs VaG, the SVG Bundes-Zentralgenossenschaft Straßenverkehr eG and the various regional organizations (Link) of the Road Traffic Association (SVG) and makes them available to members centrally.

In order to be able to offer the platform, we also need some data from you. As a matter of principle, we collect and use personal data of our users only insofar as this is necessary for the provision of the functional websites and the app as well as our content and services.

We, BGL, KRAVAG-Sach and SVG are partly jointly responsible. All data controllers have entered into an agreement to determine which of them fulfils which obligations under data protection law. You can find the essentials of this agreement here.

Personal data is data with which you can be personally identified. We take the protection of personal data very seriously and always process it in accordance with the applicable data protection regulations, in particular the General Data Protection Regulation (“GDPR”).

With this privacy policy, we would like to fully inform you about the nature, scope and purpose of the personal data we process and your rights as a data subject.

1. Scope of validity

The following data protection information applies to the generally accessible website “wedolo.de” and the password-protected website “my.wedolo.de”. These websites contain links to third-party websites (external links). We have no influence on the content of these websites. They are subject to the liability of the respective operators. This data protection declaration does not apply to the linked websites of third parties.

The app is a software for a smartphone with Android or iOS operating system. This privacy policy explains what data is processed in what form in the app when you download and use it on your mobile device (see section 5).

If you have any questions about the collection, processing or use of your personal data, please contact: datenschutz@wedolo.de

2. Use of your data

2.1 Contact details of the person responsible for Wedolo

Wedolo Betriebsgesellschaft mbH
Heidenkampsweg 102
20097 Hamburg

E-Mail: kontakt@wedolo.de

2.2 Contact details of the data protection officer

Tobias Kohl, LL.M.
GOT PRIVACY?!
Annemarie-Renger-Straße 35
53332 Bornheim
E-Mail: datenschutz@wedolo.de

2.3 Legal basis of the processing of personal data

We process your personal data in compliance with the provisions of the European General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and all other applicable laws on the processing of personal data.
The specific legal basis for data processing depends on the context in which and the purpose for which we receive your data. We will therefore inform you separately in the respective application, as far as necessary.

Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 (1) (a) GDPR serves as the legal basis for the processing of personal data.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) (c) GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Art. 6 (1) (d) GDPR serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) (f) GDPR serves as the legal basis for the processing.

In the case of a general balancing of interests, we weigh our own interests, which are in case of doubt economic, against the respective interests of the person concerned.

2.4 Provision of the personal data

In principle, we ask you to only provide us with data that is necessary for the respective purpose or required by law. If we ask you to provide us with data voluntarily, we will draw your attention to this fact. If there is a contractual or legal obligation to provide the data and you refuse to do so, this may mean that we are unable to conclude a contract or are not obliged to perform.

2.5 Measures for the protection of personal data

In general, the internet is considered an insecure medium. In contrast to a telephone line, for example, it is easier for unauthorised third parties to intercept, record or even alter data transmitted over the internet. In order to guarantee the confidentiality of communication with you, we use so-called SSL/TLS encryption according to the current state of the art. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. According to the current state of knowledge, 256-bit encryption is considered secure. All browsers of the younger generation achieve this level of security. If necessary, you should update the browser on your PC.

3. Data collection

3.1 Use of cookies

Some of our websites use so-called cookies. Cookies do not cause any damage to your end device and do not contain viruses. Cookies serve to make our online platform more user-friendly, effective and secure. Cookies are small text files that are stored on your end device and saved by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognise your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of the platform may be limited.

Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested are stored on the basis of Art. 6 (1) (f) GDPR. We have a legitimate interest in storing cookies for the technically error-free and optimised provision of our services. If other cookies (e.g. cookies to analyse your surfing behaviour) are stored, these are dealt with separately in this data protection declaration.

The cookies used on our platform are categorised as follows:

• Necessary cookies, preferences: serve to control you during your visit to our online platform and are necessary so that you can, for example, navigate through the pages and use essential functions.

• Statistics cookies: help us to better understand how visitors interact with the online platform in so-called pseudonymous usage profiles. A direct conclusion to a person is not possible. With these cookies, we can measure the reach of our offer. The legal basis for data processing is Art. 6 (1) (a) GDPR your previously given consent.

• Marketing cookies: allow us to provide you with optimised or personalised content and offers on our online platform or third-party sites. These cookies are only active if you have previously given us your consent. The legal basis for data processing is Art. 6 (1) (a) GDPR.

Your consent or refusal to the cookies listed above can be adjusted via the Consent Management Tool used on our website.

3.2 Consent Management Tool – Access to your settings

To obtain and manage your consent, we use a so-called consent management tool from Cookiebot on our online platform. Through this tool, you have the opportunity to decide according to your specifications about the setting of cookies on our online platform. You are able to change the decision made there and subsequently grant or revoke your consent at any time via the settings options of the tool.

The operating company of Cookiebot is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark. You can find more information about the privacy policy.

3.3 Server-Log – Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are in particular:

• Name of the accessed website or URL
• Access status / http status code
• Amount of data transferred
• Randomly generated key number of the cookie or session
• Browser type and browser version
• operating system used
• Referer URL
• Host name of the accessing computer
• Date and time of the access / server request
• IP-Address

A combination of this data with other data sources is not made.

The collection of this data is based on Art. 6 (1) (f) GDPR. We have a legitimate interest in the technically error-free presentation and optimization of our platform – for this purpose, the server log files must be collected.

3.4 Contact form and contact by e-mail

If you send us inquiries via the contact form, the information you provide in the inquiry form, including the contact data you enter there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions.

If you contact us by e-mail, your request including all resulting personal data (name, request, etc.) will be stored and processed by us for the purpose of processing your request.

The processing of this data is based on Art. 6 (1) (b) GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 (1) (a) GDPR) and / or on our legitimate interests (Art. 6 (1) (f) GDPR), as we have a legitimate interest in the effective processing of requests addressed to us.

3.5 Newsletter

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. For the registration of the offered newsletter, the double opt-in procedure is used as a consent procedure. In this process, the consent for an entry in the subscriber list is confirmed again by the recipient in a second step.
Further data is not collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

We use SendGrid to send our newsletter. With your registration you agree that the data you enter will be transmitted to SendGrid. Here you will find further details about the terms and the privacy policy of SendGrid.

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 (1) (a) GDPR). You can revoke your consent to the storage of the data, the email address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter received. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide us with for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.

If we have received your email address in connection with the registration for Wedolo and you have not objected to this, we will process your email address in order to conduct email marketing (direct advertising) for our own similar goods or services and, if necessary, other personal data in order to address you personally. This advertising to existing customers is based on our legitimate interests in direct advertising (Art. 6 (1) (f) DSGVO or the dispatch on § 7 (3) Law Against Unfair Competition – UWG).

4. The Website „my.wedolo.de“

4.1 General information

To use the password-protected website “my.wedolo.de” and the services offered, any natural person can create a user account. For this purpose, the surname and first name are required, as well as an e-mail address or alternatively a mobile number and a password for identification. As soon as you are registered as a user on the online platform, a wedolo user account is created and you are assigned a user number.

The entries and changes are logged in accordance with the data protection requirements.

4.2 Access data and Single Sign-On – Service

If you are already registered on partner portals, the “my.wedolo.de” website offers you the option of accessing the restricted areas and content of connected partner portals via a single sign-on procedure (hereinafter “SSO”) after a one-time registration and authentication, without having to go through a registration process again. You therefore have a cross-service “identity” that can be recognized and verified by the online services you want to use.

To register for access to a partner portal for the first time, you log in as a user on the login page of the partner portal with your login data. After successful log-in, you receive a cross-portal, anonymized “identifier” (a so-called “token”) through the SSO service, which can be recognized and verified by the participating partner portals.
This cross-portal identifier is stored separately from the application data on a server (“metadirectory”) and does not allow any conclusions to be drawn about your data. No other user data is transferred to the partner sites. The login to the partner portal is added to the menu of your user administration.

This privacy policy does not replace the privacy policies of the respective partner portals.

4.3 Master data record

The data you entered in the registration form during registration, together with your SSO ID, form the first master data record of your my.wedolo.de user account (hereinafter referred to as “master data record”). The master data record may be extended by additional information in the course of using the various online services. This happens when you want to use a service that requires data for the service provision that is not yet part of the master data record. The “my.wedolo.de” website will ask you to provide the relevant data when you register for the platform or when you log in for the first time. If you then provide this data, it will become part of the master data record.

4.4 KRAVAG-online

For the administration of your commercial transport insurances and claims, you as a member will be linked to KRAVAG-online via a Single Sign-On (SSO). In addition, you can transfer vehicle-specific data records from KRAVAG-online to the “Fleet” service after prior consent. Provider is: KRAVAG-SACH Versicherung des Deutschen Kraftverkehrs VaG, Heidenkampsweg 102, 20097 Hamburg, Germany. You enter into a separate legal relationship with the provider.

Here you can view the privacy policy of KRAVAG-Online.

4.5 SVG-Akademie

To use the services of the SVG-Akademie, you as a user will be linked to the SVG-Akademie via a single sign-on (SSO). The provider is: SVG-Akademie GmbH, Bullerdeich 36, 20537 Hamburg, Germany. You enter into a separate legal relationship with the provider.

Here you can view the privacy policy and the terms of use of the SVG Akademie.

4.6 BGL-Vorteilswelt

To use the BGL-Vorteilswelt, you as a user will be linked to the BGL-Vorteilswelt via a single sign-on (SSO). The provider is: Bundesverband Güterkraftverkehr Logistik und Entsorgung (BGL) e.V., Breitenbachstr. 1, 60487 Frankfurt am Main, Germany. You enter into a separate legal relationship with the provider.

Here you can view the privacy policy of the BGL-Vorteilswelt.

4.7 mySVG

In order to use the mySVG service, you as a user will be linked to mySVG via a Single Sign On (SSO). The provider is: SVG Bundes-Zentralgenossenschaft Straßenverkehr eG, Breitenbachstr. 1, 60487 Frankfurt, Germany. You enter into a separate legal relationship with the provider.

Here you can view the privacy policy and terms of use of mySVG.

4.8 Service: Vehicle inspection

The service vehicle inspection includes the following points:

Vehicle inspection and reports: This service is offered both as a web application and in the driver app. In the app, pictures can be taken of the vehicle’s checkpoints, documenting the defect in question. They are attached to the inspection report and saved.

We collect this data in order to provide you with the control reports generated from the departure, intermediate or final controls as well as the driver and vehicle overview lists. The legal basis for the processing of the data is Art. 6 (1) (f) GDPR (general balance of interests).

Employees: For this service, personal data of the employees are collected. These data include the employee name, telephone number, e-mail address, language and nationality (optional).
In this context, we will act as the user’s order processor. The contract for order processing between the user as client and us as contractor is concluded as a separate contract via single opt-in.

The legal basis for processing the data is Art. 6 (1) (f) GDPR (general balancing of interests). We delete the data in compliance with the applicable retention periods as soon as they are no longer required for the stated purpose (e.g. when the employee leaves the company).

4.9 Service: Emergency Support

To use this service, the employee name and phone number is required. This service is also offered in the driver app.

This data is collected so that this service can be provided to you. The legal basis for the processing of the data is Art. 6 (1) (f) GDPR (general balance of interests).

For optimal use of the service, the vehicle must be detected by means of switched-on GPS (Global Positioning System) when the web application or app is called up. An API interface of the open source mapping tool “OpenStreetMap” (OSM) is used for geolocation and usage. The provider is the OpenStreetMap Foundation, St. John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom. The representative of the OpenStreetMap project in Germany is Fossgis e.V., Römerweg 5, 79199 Kirchzarten, Germany.

In order to effectively integrate the service, corresponding program libraries or map contents are called up from servers of the OpenStreetMap Foundation. This requires that OSM, as the provider of the service, receives your IP address and, if applicable, the specified address information. Without the IP address, OSM cannot send the content back to your browser. The IP address is therefore required for the display of the OpenStreetMap – content.

Here you can view Information regarding OSM data collection and processing.

For medical emergencies you will be linked directly to DocStop. Provider is: DocStop für Europäer e.V., Heinrich-Büssing-Str. 6, 49549 Ladbergen, Germany. You enter into a separate legal relationship with the provider.

Here you can view the privacy policy of DocStop.

4.10 Service: Wash & Refuel

This service is only available on the Wedolo driver app. As a user, you will be linked directly to Tankerkönig for the petrol station finder. The provider is: Tankerkönig UG (haftungsbeschränkt), Niederhöfen 5, 57484 Nesselwang, Germany. You enter into a separate legal relationship with the provider.

Here you can view information regarding the data collection and processing of Tankerkönig.

The data for the car wash finder comes from LKW-Waschanlagen.com. Provider is: BTSSB Bartmann Total Solutions in Steel Buildings, Casa Mondiale, CH-6745 Giornico / TI.

4.11 Service: eurotransport.de

To use the service, you as a user will be linked directly to eurotransport.de. The provider is: EuroTransportMediaVerlags- und Veranstaltungs-GmbH, Handwerkstraße 15, 70565 Stuttgart, Germany. You enter into a separate legal relationship with the provider.

Here you can view the privacy policy of eurotransport.de.

4.12 Service: PartnerCheck

For the use of this service, in addition to the master data, business information (register data) as well as further data (insurance certificates, declarations of the user on compliance with the Minimum Wage Act and the special requirement of § 7 of the GüKG) are processed.

The business information is compulsory company publications (in particular from the commercial register, the Federal Gazette and the insolvency notices, which are provided via an interface by North Data GmbH, Hermannstraße 22, 20095 Hamburg, Germany).

Here you can view the terms of use attached to Wedolo.

4.13 Service: Insurance confirmation

This service is only available to you if you are a KRAVAG customer. In this case, you can download your insurance certificates (traffic liability, public liability and motor vehicle insurance) as a PDF file either by accessing KRAVAG-online (see also 4.4) or by entering the KRAVAG customer number and the insurance policy number and make them available to your customers or partners.

QR codes are integrated in the documents to enable you to check your current insurance status.

5. Wedolo Driver-App

5.1 General information

The prerequisite for using the Wedolo driver app is that you have an end device (smartphone with iOS or Android operating system or Android tablet) that allows the installation and use of an app. Details on the minimum requirements can be found on our page in the respective app stores. In your own interest, we recommend that you always keep the software on your device up to date, regularly install updates to the operating system and any installed protection programs, and protect your device from unauthorized access.

In order to be able to use the app, you must install it on your end device.

In order to download the app, you may need to enter into an agreement with a third party provider (e.g. Google Inc., hereinafter referred to as “third party provider”) to access a portal or online shop of the respective third party provider (e.g. Google Play, hereinafter referred to as “third party portal”). The operator of the app is not a party to such an agreement and has no influence on the data processing by the third party provider.

If, in accordance with the applicable terms of use of the third-party provider, the provider becomes your contractual partner for the purchase of the app (e.g. in Google Play), the provider processes the data provided to it by the third-party provider to the extent necessary for the performance of the contract.

If the Provider does not become your contractual partner in relation to the purchase of the App and the App is not downloaded from the Provider’s server (e.g. in the case of the purchase of the App via Google Play), the Provider does not process any personal data in the context of the purchase and download of the App by you.

5.2 Authorizations

To use the app on your device, the app must be able to access various functions and data on your device:

• Camera
• Location access
• Phone (make calls)

If you have activated location access, the app uses the location service of the respective operating system to determine your location. For this purpose, GPS data, radio cell information and surrounding WLAN radio networks are determined in your smartphone and transmitted to the location service provider of the operating system provider you are using, which uses this information to determine the location of your end device. The app calls up the location services and receives the position back as the result of the calculations carried out by the location service provider.

Data about your location will only be used to process your request. Your location data is transmitted via an encrypted connection. Your location data is anonymised after your request has been completed and statistically analysed to improve our service.

If you do not want your location to be determined by the app, you must close the function for determining your location via the corresponding slider in the “Settings” menu of the operating system of your end device. In this case, no location data will be collected by the app. This may impair the full functionality of the services offered.

Your location data is used when you access the following services:

• Vehicle Inspection
• Emergency Support
• Wash & Refuel

5.3 Data processing

The app offers an authentication and authorisation process. Processing of data from the app generally takes place on “my.wedolo.de” after successful authentication and authorisation. This requires the entry of a user ID and password. The registration and identification of the user takes place by means of an encrypted token.

The app offers you the technically supported possibility to use the following Wedolo services. These are:

• Vehicle Inspection incl. Reports (see also § 4.8)
• Emergency Support (see also § 4.9)
• Wash & Refuel (see also § 4.10)

As soon as you use the app or attempt to do so, your end device establishes an online connection to the provider’s server. In the process, certain data, which are listed in detail below, are automatically transmitted by the app to the servers involved, provided that you have entered these data:

• Mobile phone number or e-mail address
• Registration times (successful and failed) and deregistration times

In the app, the following personal data is temporarily stored in the encrypted area:

• Surname and first name
• Mobile phone number or email address
• Language

• Nationality (optional)

All data recorded and calculated in the app is only temporarily stored in a protected area on your end device for the duration of a missing online connection. The final data storage takes place in the protected area of “my.wedolo.de”. Access via the app to his profile and product data with associated calculations are protected by the authorization & authentication procedure.

5.4 Data security

To ensure transmission security, the driver app uses the HTTPS protocol for the transmission of data.

The application encrypts all data stored locally on the device. This is all data stored in the database as well as information contained locally – in the cache. For the encryption of temporary data, Android Keystore is used in the Android app and iOS Keystore in the iOS app.

The app allows you to protect your profile on your smartphone with a password. Please keep your password secret. We will never ask you to enter the password outside the app.

5.5 Deleting the Wedolo Driver-App

If you no longer wish to use the app, it must be removed via the functionality of the end device. All data stored locally via the app will be deleted with the uninstallation. The user account associated with the app can be deleted via “my.wedolo.de”.

Personal data shall be deleted if the collection or processing was unlawful from the beginning, the processing or use proves to be unlawful due to subsequently occurring circumstances or knowledge of the data is no longer necessary for the provider to fulfil the purpose of the processing or use.

Data that we need to complete outstanding tasks or to enforce our own rights and claims, as well as data that we must retain according to legal, contractual, statutory or official requirements, are excluded from deletion. Personal data is also excluded from deletion if there is reason to believe that deletion would impair your interests worthy of protection or deletion is not possible or only possible with disproportionate effort due to the special type of storage. In this case, deletion is replaced by blocking. Also excluded from deletion is anonymised data that the responsible body or your contractual partner uses for statistical purposes.

6. Social Media Plugins und Tools

6.1 General

Our website uses third-party extensions. We ensure that we do not pass on your personal data to third parties unless we are legally entitled or obliged to do so or you have given us your prior consent. Insofar as we use service providers for the implementation and handling of processing procedures, the contractual relationships are regulated in accordance with the provisions of data protection law.

6.2 Social Bookmarks

So-called social bookmarks (e.g. from Facebook) are integrated on our website. Social bookmarks are internet bookmarks with which the users of such a service can collect links and news reports. These are only integrated on our website as links to the corresponding services. After clicking on the embedded graphic, you will be redirected to the page of the respective provider, i.e. only then will user information be transmitted to the respective provider. For information on the handling of your personal data when using these websites, please refer to the respective data protection provisions of the providers.

6.3 Capture feedback and survey data through HubSpot

We provide you with feedback opportunities on our platform and invite you as a user to participate in surveys from time to time. In this way, we want to continuously improve our offers and services. We use technologies from our service provider HubSpot for this purpose (HubSpot European Headquarters, Ground Floor, Two Dockland Central, Guild Street, Dublin 1, Ireland (Phone: +353 1 5187500).

Participation in surveys and filling out feedback forms is always voluntary.

The cookies set by HubSpot have the purpose of assigning the content of the feedback or survey to the corresponding user. You can find out more about HubSpot’s privacy policy at HubSpot Privacy Policy.

The legal basis for the described processing of personal data is your previously given consent, Art. 6 (1) (a) GDPR. You can declare your objection/revocation at any time in the cookie settings of the cookie management tool used.

Here you can change your cookie settings via the Consent Management Tool.

6.4 Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.

6.5 Font Awesome

This site uses icons and, for the uniform display of fonts, so-called web fonts, which are provided by Fonticons, Inc. When you call up a page, your browser loads the required icons and web fonts into your browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to the servers of Fonticons, Inc. This enables Fonticons, Inc. to know that our website has been accessed via your IP address. The use of web fonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.

If your browser does not support web fonts, a default font will be used by your device.

Here you can find more information about Font Awesome and the privacy policy of Fonticons Inc.

6.6 Google Maps

This site uses the map service Google Maps via an API. Provider is: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

In order to effectively integrate the service, corresponding programme libraries or map content are called up from Google servers. This requires that Google, as the provider of the service, receives your IP address and, if applicable, other address information provided by you. Without the IP address, Google would not be able to send the content back to your browser. The IP address is therefore necessary for the display of Google Maps content. In this context, we would like to point out that external Google servers in the USA may be called up as a result of this use. We have no influence on this data transmission.

The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy location of the places indicated by us on the online platform. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.

You are not obliged to provide personal data, but it is not possible to use the relevant parts of our website without providing it.

The terms of use for Google Maps can be found at here.

You can find more details in the data protection centre of google.de under transparency and choices as well as
data protection regulations.

6.7 Facebook page of Wedolo

We operate a Facebook page to draw attention to our platform and to get in touch and exchange information with you as a visitor and user of this Facebook page. The legal basis is our legitimate interest according to Art. 6 (1) (f) GDPR.

We operate our Facebook page in accordance with Art. 26 GDPR as a joint controller together with Facebook Ireland Ltd, 4 Grant Canal Square, Grand Canal Harbour, Dublin 2, Ireland, on the basis of the Joint Responsibility Agreement.

Facebook processes users’ data for the following purposes:

• Advertising (analysis, creation of personalised advertising)
• Creation of usage profiles
• Market research

Facebook uses cookies, i.e. small text files that are stored on the end devices of the users, to store and further process this information. If the user has a Facebook profile and is logged in there, the storage and analysis may also take place across devices.

Here you can change your cookie settings via the Consent Management Tool.

For further information, we refer to Facebook’s privacy policy (data policy), the cookie policy and the special notices for the processing of data of visitors to the Facebook pages.

6.8 YouTube with enhanced data protection

Our website uses plugins from the website YouTube. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about the users of this platform before they watch the video. However, the disclosure of data to YouTube partners is not necessarily excluded by the extended data protection mode. This is how YouTube connects to the Google DoubleClick network, regardless of whether you watch a video.

As soon as you start a YouTube video, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube can save various cookies on your end device after starting a video. With the help of these cookies, YouTube can obtain information about visitors to our websites. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts. Cookies remain on your device until you delete them.

If necessary, further data processing processes may be triggered after the start of a YouTube video, over which we have no influence.

Here you can change your cookie settings via the Consent Management Tool.

YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.

For more information about YouTube’s privacy policy, please see their privacy policy.

6.9 Google reCAPTCHA

Our website uses the reCAPTCHA function of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google). This function is primarily used to distinguish whether an entry is made by a natural person or is misused by machine and automated processing. The service includes the sending of the IP address and, if applicable, further data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in determining the individual intent of actions on the Internet and the prevention of misuse and spam.

Here you can change your cookie settings via the Consent Management Tool.

It is possible that Google may also use the data collected about your usage behaviour via the website “wedolo.de” for its own purposes. Such further processing of the data as well as the processing of the data after its transmission by Wedolo to Google is carried out by Google as the sole data protection controller. In this context, Google, as the sole data controller, may store data about you in the USA. The European Court of Justice has determined with regard to the USA that this country has an insufficient level of data protection. The legal basis for the data processing is Art. 6 (1) (a) GDPR.

Here you can find more information about Google reCAPTCHA and Google’s privacy policy.

6.10 CloudFlare

We use a Content Delivery Network (CDN) of Cloudflare, Inc., 101 Townsend Street, San Francisco, California 94107, USA (“Cloudflare”) to integrate scripts and libraries on our websites. With a content delivery network, the content of our web pages is stored on the server of the service and this distributes this content to you or your browser via a network of regional servers when the web pages are called up. The purpose of this is to be able to better fend off attacks, such as DDoS attacks, on our websites and, in the case of large script and data volumes, to make the content of our pages available to you quickly and in an optimized manner.

Since the data traffic of our web pages runs via Cloudfare servers, your IP address is also transmitted to Cloudflare. We have concluded an order processing agreement with Cloudflare, with which this company documents to us the compliance with appropriate technical and organizational measures.

The legal basis for our use of Cloudflare is Art. 6 (1) (f) GDPR. Our legitimate interest arises from the fact that we can take security measures against attacks of our websites with the service and large amounts of data can be delivered optimized.

Here you can change your cookie settings via the Consent Management Tool.

And here you can view CloudFlare’s privacy policy.

Und hier kannst du die privacy policyre einsehen.

6.11 Twitter

We have integrated components of the Twitter Inc. short message network (Twitter) on our websites. You can recognize the Twitter plugins (tweet button) by the Twitter logo on our pages. The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

If you call up a single page of our websites on which a so-called Twitter plug-in (component) is located, your Internet browser will be prompted by the component to download a corresponding representation of the component. Thus, Twitter knows which specific subpages you have visited.

You can see an overview of all plug-ins from Twitter here.

If you are logged in to Twitter at the same time, Twitter can track which of our subpages you have visited, as this information is collected by the component and assigned to your account. If you click on an integrated Twitter button, this information is assigned to your user account and your personal data is stored. If you do not want information to be transmitted to Twitter, log out of Twitter before you visit our websites.

Here you can change your cookie settings via the Consent Management Tool.

For more privacy information from Twitter, please see Twitter’s privacy policy.

6.12 Wistia

We have integrated components from Wistia on our websites. Operating company is Wistia, Inc., 17 Tudor Street, Cambridge, MA 02139, USA.

The integration requires that Wistia can perceive the IP address of the users. The IP address is required to send the content to the user’s browser. If you call up a single page of our websites on which a Wistia component (video) is located, your internet browser is prompted by the component to download a corresponding representation of the component. Thus, Wistia knows which specific subpages you have visited.

If you are logged in to Wistia at the same time, Wistia can track which of our subpages that contain a video you have moved to. If you do not want information to be transmitted to Wistia, log out of Wistia before you visit our websites.

Here you can change your cookie settings via the Consent Management Tool.

For more privacy information about Wistia, please see Wistia’s privacy policy.

6.13 Vidyard

Our web pages contain videos from Vidyard. Operator of this video player is Buildscale, Inc. 8 Queen St. N, Unit #1, Kitchener, ON, Canada, N2H 2G8.

When you visit one of our pages equipped with a Vidyard plugin, a connection to the Vidyard servers is established. The Vidyard server is informed which of our pages you have visited. The use of Vidyard is in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.

Here you can change your cookie settings via the Consent Management Tool.

For more information on the handling of user data, please see Vidyard’s privacy policy.

6.14 LinkedIn Insight Tag and Conversion Tracking

We use LinkedIn Insight Tag and Conversion Tracking from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland („LinkedIn“).

For this purpose, the LinkedIn Insight Tag is integrated on our pages and a cookie is set on your end device by LinkedIn. This informs LinkedIn that you have visited our website, whereby your IP address is also collected. In addition, timestamps and events such as page views are stored. This allows us to statistically evaluate the use of our website in order to constantly optimize it. We learn, for example, which LinkedIn ad or interaction on LinkedIn you used to get to our website. This allows us to better control the display of our advertising.

You can find more information about conversion tracking here.

Please note that the data may be stored and processed by LinkedIn, so that a connection to the respective user profile is possible and LinkedIn may use the data for its own advertising purposes. You can find more information about this in the LinkedIn privacy policy.

The use of LinkedIn Insight is based on Art. 6 (1) (f) DSGVO. As the operator of the website, we have a legitimate interest in effective advertising measures including the social media.

You can prevent LinkedIn from analyzing your usage behavior and displaying interest-based recommendations here.

Furthermore, LinkedIn users can control the use of their personal data for advertising purposes in the account settings. To avoid a link between data collected on our website by LinkedIn and your LinkedIn account, you must log out of your LinkedIn account before visiting our website.

6.15 Other online presences in social media

We maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there, to accept their service cases and to be able to inform them about our services, topics and campaigns.

We would like to point out that user data may be processed outside the European Union. This may result in risks for the users because, for example, the enforcement of the rights of the users could be made more difficult.

Furthermore, user data is usually processed for market research and advertising purposes. For example, usage profiles can be created from the usage behavior and resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers, in which the usage behavior and interests of the users are stored. Furthermore, data may also be stored in the usage profiles independently of the cookies used by the users (in particular if the users are members of the respective platform and are logged in to these).

For a detailed description of the respective processing and the possibilities to object (opt-out), we refer to the following linked information of the providers.

In the case of requests for information and the assertion of user rights, we also point out that these can be asserted most effectively with the providers. Only the providers have access to the users’ data and can take appropriate measures and provide information directly. If you still need help, you can contact us.

The legal basis for the described data processing in the respective online presences is, pursuant to Art. 6 (1) (f) GDPR, our legitimate interest in a contemporary and supportive information and interaction opportunity for and with our users and members.

• YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland): privacy policy and Opt-Out – Option.
• Instagram (Instagram Inc., 1601 Willow Street, Menlo Park, CA, 94025, USA): privacy policy and Opt-Out – Option.
• Facebook (Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland): privacy policy and Opt-Out – Option.
• LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland): privacy policy and Opt-Out – Option.

7. Website analytics services

7.1 Google Analytics

Our websites use Google Analytics, a web analytics service provided by Google Ireland Limited (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; “Google” for short). We use Google Analytics in the form of “Universal Analytics”. “Universal Analytics” refers to a method of Google Analytics in which the user analysis is based on a pseudonymous user ID and thus a pseudonymous profile of the user is created with information from the use of different devices (so-called “cross-device tracking”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the websites, compiling reports on website activity for us and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. For the transfer of data to the USA, we have agreed with Google on the standard data protection clauses approved by the EU Commission. The transfer of data to Google servers in the USA is therefore based on Art. 46 (2) (c) GDPR.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website. By using our websites, you consent to the processing of data about you by Google in the manner and for the purposes set out above. The Google Analytics deactivation add-on for the browser gives the website visitor more control over which data about websites accessed is collected by Google Analytics. If you do not want your data to be stored, please install the deactivation tool provided by Google.

We also use Google Analytics to analyze data from Google Ads for statistical purposes. If you do not want this, you can disable it via the Ads Preferences Manager.

You can find more information about this here and here (general information about Google Analytics and privacy). We would like to inform you that on this website Google Analytics is extended by the code „gat._anonymizeIp();“, to ensure anonymized collection of IP addresses (so-called IP masking).

As an alternative to the browser add-on or within browsers on mobile devices, please click here to prevent Google Analytics from collecting data within these websites in the future (the opt out works only in this browser and only for this domain). This will place an opt-out cookie on your device. If you delete your cookies in this browser, you must click this link again.

Here you can change your cookie settings via the Consent Management Tool.

We also use Google Remarketing based on Doubleclick of Google Inc. for the placement of interest-based advertising. The review of displayed pages and the assignment of ads is carried out by a pseudonymous identification number contained in the Doubleclick cookie. The information generated by the cookie about pages viewed is transmitted to Google’s server for analysis and stored there. You can find more information in the privacy policy of Google.

You can find your objection option here. Other opt-out options: you can opt out of Google’s interest-based advertising (here), but also by other advertising networks on the pages of the advertising industry (here) contradict.

7.2 Google Analytics Remarketing

Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google Ads and Google DoubleClick. Provider is Google Ireland Limited, Gordon House, Barrow St., Dublin 4, Ireland.

This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google Ads and Google DoubleClick. In this way, interest-based, personalised advertising messages that have been adapted to you depending on your previous usage and surfing behaviour on one end device (e.g. mobile phone) can also be displayed on another of your end devices (e.g. tablet or PC).

If you have given your consent, Google will link your web and app browsing history to your Google Account for this purpose. In this way, the same personalised advertising messages can be displayed on every device on which you log in with your Google account.

To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create target groups for cross-device ad advertising.

You can permanently opt out of cross-device remarketing/targeting by deactivating personalised advertising in your Google Account, by following this link.

It is possible that Google may also use the data about your usage behaviour collected via our websites for its own purposes or for the purposes of other Google customers (e.g. playout of individualised third-party advertisements). Any such further processing of the data, as well as the processing of the data after it has been transmitted by us to Google, will be carried out by Google as the sole data controller. In this context, Google, as the sole data controller, may store data about you in the USA. The European Court of Justice has determined with regard to the USA that this country has an insufficient level of data protection. The legal basis for the data processing is Art. 6 (1) (a) GDPR.

The aggregation of the collected data in your Google account is based exclusively on your consent, which you can give or revoke at Google (Art. 6 (1) (a) GDPR). In the case of data collection processes that are not merged in your Google Account (e.g. because you do not have a Google Account or have objected to the merger), the collection of the data is based on Art. 6 (1) (f) GDPR. The legitimate interest results from the fact that we have an interest in the anonymised analysis of website visitors for advertising purposes.

You can find further information and the data protection regulations in the Google data protection declaration.

7.3 Google Ads und Google Conversion Track

These websites use Google Ads. Ads is an online advertising programme from Google Ireland Limited, Gordon House, Barrow St., Dublin 4, Ireland.

Within the framework of Google Ads, we use so-called conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the internet browser stores on your end device. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognise that the user clicked on the ad and was redirected to this page.

Each Google Ads client receives a different cookie. The cookies cannot be tracked across Google Ads customers’ websites. The information obtained using the conversion cookie is used to create conversion statistics for Google Ads customers who have opted in to conversion tracking. Clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in the tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your internet browser under user settings. You will then not be included in the conversion tracking statistics.

The storage of “conversion cookies” and the use of this tracking tool are based on Art. 6 (1) (f) GDPR. We have a legitimate interest in analysing user behaviour in order to optimise both our website and our advertising.

Here you can change your cookie settings via the Consent Management Tool.

You can find more information about Google Ads and Google Conversion Tracking in Google’s privacy policy.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of our website may be limited.

It is possible that Google may also use the data about your usage behaviour collected via our websites for its own purposes or for the purposes of other Google customers (e.g. playout of individualised third-party advertisements). Such further processing of the data, as well as the processing of the data after it has been transmitted to Google by Wedolo, is carried out by Google as the sole data protection controller. In this context, Google, as the sole data controller, may store data about you in the USA. The European Court of Justice has determined with regard to the USA that this country has an insufficient level of data protection. The legal basis for the data processing is Art. 6 (1) (a) GDPR.

7.4 HubSpot

This website uses services of the software manufacturer HubSpot. HubSpot is a software company from the USA with a branch in Ireland: HubSpot European Headquarters, Ground Floor, Two Dockland Central, Guild Street, Dublin 1, Ireland (Telefon: +353 1 5187500).

We use HubSpot for our online marketing activities. This is an integrated software solution that we use to cover various aspects of our online marketing. These include among others:

• Content Management (Website and Blog)
• E-mail Marketing (newsletters and automated mailings, e.g. for the provision of downloads)
• Social Media Publishing & Reporting
• Reporting (e.g. traffic sources, accesses, etc. …)
• Contact Management (e.g. user segmentation & CRM)
• Landing Pages and contact forms
• Calendar function for booking appointments

This information, as well as the content of our website, is stored on servers of our software partner HubSpot Ireland. It can be used by us to contact visitors to our website and to determine which of our company’s services are of interest to them. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. All information we collect is subject to this privacy policy.

In accordance with Art. 28 GDPR, we have concluded an order processing agreement with HubSpot Ireland and fully implement the resulting requirements. It is possible that HubSpot may also use the data about your usage behaviour collected via our website for its own purposes. Such further processing of the data as well as the processing of the data after its transmission by us to HubSpot is carried out by HubSpot as the sole data protection controller. In this context, HubSpot as the sole data controller may store data about you in the USA. The European Court of Justice has determined with regard to the USA that this country has an insufficient level of data protection. The legal basis for the data processing is Art. 6 (1) (a) GDPR. We have concluded an order processing agreement with HubSpot, in which HubSpot ensures secure data transfer to third countries with the agreed standard data protection clauses.

If you generally do not want HubSpot to collect data, you can prevent the storage of cookies at any time by changing your browser settings.

Here you can change your cookie settings via the Consent Management Tool.

You can find out more about HubSpot’s privacy policy here and here.

You can read more about HubSpot here and here.

7.5 Facebook Marketing Services

Within our websites we use the so-called “Facebook Pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are resident in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).

With the help of the Facebook pixel, it is possible for Facebook to determine the visitors to our websites as a target group for the display of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not have a harassing effect. With the help of the Facebook pixel, we can also track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).

The Facebook pixel is directly integrated by Facebook when you access our website and can save a so-called cookie, i.e. a small file, on your end device. First-party cookies, i.e. cookies stored under the domain of our website, are used. If you subsequently log in to Facebook or visit Facebook while logged in, your visit to our online offer will be noted in your profile. The data collected about you is anonymous for us, i.e. it does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and can be used by Facebook and for its own market research and advertising purposes. If we transmit data to Facebook for matching purposes, this data is encrypted locally on the browser and only then sent to Facebook via a secure https connection. This is done solely for the purpose of matching data that has also been encrypted by Facebook and is only done with your consent.

If we ask users to consent to the use of cookies, the legal basis of the processing is consent pursuant to Art. 6 (1) (a) GDPR. Otherwise, the processing is based on our legitimate interest in accordance with Art. 6 (1) (f) GDPR in a user-oriented and operationally efficient operation of our online offer.

Here you can change your cookie settings via the Consent Management Tool.

The processing of data by Facebook takes place within the framework of Facebook’s data usage policy. Accordingly, general information on the display of Facebook ads, in Facebook’s data usage policy.

Specific information and details about the Facebook Pixel and how it works can be found in the Facebook help section.

You can object to the collection of your data by the Facebook pixel and the use of your data to display Facebook ads. To control the types of ads you see within Facebook, you can go to the page set up by Facebook and follow the instructions there for the settings for usage-based advertising. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

To prevent your data from being collected by the Facebook pixel on our websites, please click here.

Um die Erfassung deiner Daten mittels des Facebook-Pixels auf unseren Webseiten zu verhindern, klicke bitte hier.

Note: If you click on the link, an “opt-out” cookie will be saved on your end device. If you delete the cookies in this browser, you must click the link again. Furthermore, the opt-out only applies within the browser you are using and only within our web domain on which the link was clicked.

It is possible that Facebook may also use the data about your usage behavior collected via our websites for its own purposes or for the purposes of other Facebook customers (e.g. playout of individualized third-party advertisements). Such further processing of the data as well as the processing of the data after its transmission by us to Facebook is carried out by Facebook as the sole data protection controller. In this context, Facebook, as the sole data controller, may store data about you in the USA. The European Court of Justice has determined with regard to the USA that this country has an insufficient level of data protection. The legal basis for data processing is Art. 6 (1) (a) GDPR. You can also opt out of the use of cookies for reach measurement and advertising purposes via the Network Advertising Initiative opt-out page and additionally the US website or the European website.

7.6 Google Analytics for Firebase

Google Analytics for Firebase or Firebase Analytics is an analytics service provided by Google. Provider is Google Ireland Limited, Gordon House, Barrow St., Dublin 4, Ireland.

Further information on Google’s use of data can be found in Google’s Partner Policy.

The app tracking tool listed below and used by us is carried out on the basis of Art. 6 (1) (f) GDPR. With the tracking measure used, we want to ensure a needs-based design and the ongoing optimisation of our Wedolo driver app. On the other hand, we use the tracking measure to statistically record the use of our app and to evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

Firebase Analytics may share data from other tools provided by Firebase such as Crash Reporting, Authentication, Remote Config or Notifications. The user can check this privacy policy to find a detailed explanation of the other tools used by the owner.

This application uses mobile device identifiers (including Android Advertising ID or Advertising Identifier for iOS) and cookie-like technologies to run the Google Analytics for Firebase service.

Users may opt out of certain Firebase features through the appropriate mobile device properties, such as mobile advertising settings, or by following the instructions in other sections of this Privacy Policy regarding Firebase, as appropriate.

Personal data collected: Cookie, Unique Device Identifier for Advertising (e.g. Google Advertising ID or IDFA) and Usage Data.

Google’s privacy policy with further information about the data that is collected and how it is processed can be found here.

For the data transfer to the USA, we have agreed with Google on the standard data protection clauses approved by the EU Commission. The data transfer at the Google server to the USA is therefore based on Art. 46 (2) © GDPR.

7.7 Microsoft Advertising

Our websites use the online advertising programme Micosoft Advertising of Microsoft Ireland Operations Limited, Attn: Data Protection Officer, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland for the purpose of personalised online ads based on interests and location. The ads are displayed based on search queries on Bing.

When a user clicks on an ad, Micosoft Advertising places a cookie on the user’s device. For more information about the cookie technology used, please see the Microsoft Advertising Guidelines.

By using this technology, Microsoft and we, as their customers, receive the information that a user clicked on an ad and was redirected to our websites. The information obtained in this way is used solely for statistical analysis related to ad optimisation. We do not receive any information that would allow us to personally identify a visitor. The statistics provided to us by Microsoft include the total number of users who clicked on one of our ads and, if applicable, whether they were redirected to a page on our website that is tagged with a conversation tag. These statistics allow us to track which search terms most often lead to our ads being clicked on and which ads lead to the user contacting us via the contact form.

If you do not wish this, you can prevent the storage of the cookies required for this technology by using the settings in the browser or app, for example. If you do so, your visit will not be included in the user statistics.

In addition, you can also use the opt-out page provided by Microsoft. Please note that in the event of an objection, the opt-out cookie will only be set on the device with which you have currently accessed our website.

Here you can change your cookie settings via the Consent Management Tool.

8. Data deletion and storage period

If necessary, we process your personal data for the duration of our business relationship. This can also be the initiation or the execution of a contract.

Stored personal data will be deleted if there is no legal obligation to retain the data or if the personal data is no longer required for its intended purpose in accordance with Art. 17 GDPR. If there is a legally permissible reason for the continued storage of the personal data, we restrict its processing in accordance with Art. 18 GDPR by blocking this data and no longer processing it for other purposes. This applies in particular to data that must be retained for reasons of tax and commercial law. For example, in accordance with Section 257 (1) of the German Commercial Code (HGB), there are retention periods of 6 years for commercial books and letters, and in accordance with Section 147 (1) of the German Fiscal Code (AO), there are retention periods of 10 years for commercial and business letters.

9. Disclosure of data to third parties and third-party providers

Data is only passed on to third parties within the framework of legal requirements. We only pass on users’ data to third parties if this is necessary, for example, on the basis of Art. 6 Para.1 lit. b GDPR for contractual purposes or on the basis of legitimate interests pursuant to Art. 6 Para.1 lit. f DSGVO in the economic and effective operation of our business operations. This concerns internal and external service providers for contract processing and order processing.

Where we use subcontractors to provide our services, we take appropriate legal precautions and corresponding technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal requirements.

If personal data is transferred to service providers outside the European Economic Area (EEA), the transfer will only take place if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other adequate data protection guarantees are in place.

Within the responsible party, only those persons and offices receive the data concerned that are responsible for the respective process; there is a clear business distribution and authorization concepts in this respect. The data may also be transferred to service providers for the above-mentioned purposes. The involvement of service providers is. necessary, for example, as part of the administration and maintenance of IT systems. The list of all service providers who perform data processing on behalf can be sent upon request.

In addition, personal data may be transmitted to further recipients, insofar as this is necessary for the fulfillment of contractual or legal obligations.

In principle, we ask you to provide us only with data that is necessary for the respective purpose or required by law. If we ask you to provide us with data voluntarily, we will draw your attention to this in particular.

10. Deine Rechte

You can assert your legal rights to information, correction, deletion, restriction of processing and data portability with our data protection officer.

You have a right of appeal to the competent data protection supervisory authority (Art. 77 GDPR):

The Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Str. 22, 7. OG
20459 Hamburg

Tel.: 040 / 428 54 – 4040
Fax.: 040 / 428 54 – 4000
Mail: mailbox@datenschutz.hamburg.de

11. Right to object to the collection of data in special cases and to direct marketing (Art. 21 GDPR)

If the data processing is based on Art. 6 (1) (e) or (f) GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to “profiling” based on these provisions. You can find the respective legal basis on which processing is based in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims (objection under Art. 21 (1) GDPR).

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).

12. Changes to the privacy policy

We reserve the right to change this Privacy Policy as we continue to develop our online platform and implement new technologies to improve our products and services to you. Therefore, we encourage you to review this Privacy Policy carefully from time to time.