Privacy policy

Disclaimer

Liability disclaimer:
The contents of our website have been produced with the utmost care and attention. However, we shall not be held liable for the correctness, completeness and topicality of the contents. As a service provider, we are responsible, pursuant to § 7 (1) TMG [German Telemedia Act] for our own content on this website in accordance with the general laws. However, pursuant to §§ 8 to 10 TMG [German Telemedia Act], as a service provider, we are not obligated to monitor or investigate sent or stored third-party information, which indicate an illegal activity. Obligations to remove or block the use of information in accordance with the general law remain unaffected by this. However, liability in this regard shall only be possible from the time of gaining awareness of a concrete legal violation. Once we become aware of such legal violations, we shall remove the respective contents immediately.

Liability for links:
Our offer contains links to external third-party websites, the contents of which we cannot influence. Therefore, we also cannot assume any liability for this third-party content. The relevant vendor or operator of the website is always responsible for the contents of linked websites. The linked websites were reviewed for legal violations at the time of setting the link. Illegal contents were not identifiable at the time of linking. However, without concrete indications, constant checking of the linked websites is cannot be reasonably expected. Once we become aware of such legal violations, we shall remove such links immediately.

Copyright:
The contents produced by the website operators and works on these websites are subject to German copyright law. The duplication, editing, dissemination and any type of exploitation outside of the boundaries of the copyright require the written consent of the relevant author/creator. Downloads and copies of this website are only permitted for private, non-commercial use. To the extent that the contents of this website have not been produced by the operator, the third-party copyrights shall be observed. In particular, third-party contents shall be identified as such. In the event that you should nevertheless become aware of a copyright violation, we request appropriate notification. Once we become aware of such legal violations, we shall remove such links immediately.

Data privacy:
This Privacy Policy informs you about the nature, scope and purpose of processing personal data (hereinafter referred to as “data”) within our online services and the associated websites, functions and contents, as well as external online presences, e.g. our Social Media Profile (hereinafter jointly referred to as “online services”). With respect to the terminology used, e.g. “processing” or “Controller”, we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Controller
Ehret+Klein GmbH
Gautinger Straße 1d
82319 Starnberg
E-mail address: info@ehret-klein.de
Managing Partners: Konstantin von Abercron, Michael Baureis, Erdal Bektas
Link to legal notice: http://ehret-klein.de/de/untermen%C3%BC/information/impressum.html

Contact Data Protection Representative
legal data Schröder Rechtsanwaltsgesellschaft mbH
Dr. Georg F. Schröder, LL.M.
Rechtsanwalt / Datenschutzbeauftragter
Prannerstr. 1

80333 München / Germany
Tel.: +49-89 - 954 597 520
Fax: +49-89 - 954 597 522
E-Mail:
georg.schroeder@legaldata.law

Types of processed data:
– Master data (e.g. names, addresses).
– Contact data (e.g. e-mail, telephone numbers).
– Content data (e.g. text entries, photographs, videos).
– Utilization data (e.g. visited websites, interest in contents, access times).
– Metadata/communication data (e.g. device information, IP addresses).

Categories of data subjects
Visitors and users of the online services (In the following, we will also refer to the data subjects jointly as “users”).

Purpose of the processing:
– Provision of the online services, their functions and contents.
– Answering of contact inquiries and communication with users.
– Security measures.
– Range measurement/marketing

Terminology used
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” is any operation or set of operations, which is performed on personal data or on sets of personal data, whether or not by automated means. The term has a broad meaning and comprises virtually any handling of data.

„“Pseudonymization” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person;
“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
“Controller” is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Relevant legal foundation
On the basis of Art. 13 GDPR, we are notifying you about the legal foundations of our data processing. Insofar as the legal foundations are not referred to in the Privacy Policy, the following applies: The legal foundation for obtaining consents is Art. 6 Para. 1 Letter a and Art. 7 GDPR, the legal foundation for processing in fulfillment of our services and the performance of contractual measures, as well as answering inquiries, is Art. 6 Para. 1 Letter b GDPR, the legal foundation for processing in fulfillment of our legal obligations is Art. 6 Para. 1 Letter c GDPR, and the legal foundation for processing for the preservation of our vested interests is Art. 6 Para. 1 Letter f GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. 1 Letter d GDPR serves as the legal foundation.

Security measure
On the basis of Art. 32 GDPR, in consideration of the state-of-the-art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probability of occurrence and seriousness of the risk for the rights and freedoms of natural persons, the Controller and the Processor take appropriate technical and organizational measures, in order to guarantee the risk of an appropriate protection level.
These measures particularly include the assurance of confidentiality, integrity and availability of data by checking the physical access to the data, as well as the relevant access, the entry, disclosure, assurance of availability and their separation. Furthermore, we have set up procedures, which guarantee the exercising of rights by the data subjects, deletion of data and responding to endangering of the data. Furthermore, we already take the protection of personal data into consideration for the development/selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and data-protection-friendly default settings (Art. 25 GDPR).

Cooperation with processors and third parties
Insofar as we disclose data to other persons and companies within the scope of our processing (processors or third parties), send data to these or otherwise grant them access to data, this only occurs on the basis of legal permission (e.g. if sending of the data to third parties, such as payment service providers is required for contract fulfillment in accordance with Art. 6 Para. 1 Letter b GDPR), if you have consented, a legal obligation prescribes this or on the basis of our vested interests (e.g. for the use of authorized representatives, web hosters etc.).
Insofar as we commission third parties with the processing of data on the basis of a so-called “contract data processing agreement”, this occurs on the basis of Art. 28 GDPR.

Transmissions to third countries
Insofar as we process data in a third country (i.e. outside of the European Union (EU) or the European Economic Area (EEA)) or disclose it within the scope of using third-party services or if disclosure/transmission of data occurs to third parties, this only occurs, if it is required for fulfilling our (pre-)contractual duties, on the basis of your consent, on the basis of a legal obligation or on the basis of our vested interests. Subject to legal or contractual permissions, we only process, or have the data processed, in a third country if the specific preconditions of Art. 44 et seqq. GDPR exist. I.e. the processing occurs, e.g. on the basis of specific guarantees, such as the officially acknowledged establishment of a privacy level corresponding to the EU (e.g. for the USA, by means of the “Privacy Shield”) or the observance of officially recognized specific contractual obligations (so-called “standard contractual clauses”).

Rights of the data subjects
You have the right to request a confirmation about whether relevant data are processed and to receive information about these data, as well as additional information and a copy of the data in accordance with Art. 15 GDPR.
In accordance with Art. 16 GDPR, you have the right to request the completion of the data relating to you or correction of the inaccurate data relating to you.
On the basis of Art. 17 GDPR, you have the right to request that relevant data are deleted immediately, or alternatively, on the basis of Art. 18 GDPR, to request a restriction to the processing of the data.
You have the right to request the receipt of the data relating to you, which you provided to us on the basis of Art. 20 GDPR and request that it be sent to other responsible parties.
Furthermore, in accordance with Art. 77 GDPR, you have the right to file a complaint with the responsible supervisory authority.

Cancellation right
You have the right to revoke granted consents in accordance with Art. 7 Para. 3 GDPR with effect for the future.

Contact form
On our website and project websites, we give you the opportunity to contact us via a provided form. In the context of sending your request via the contact form, we refer to this privacy policy to obtain your consent. If you use the contact form, we collect and store the data you enter in the input mask (e.g. last name, first name, e-mail address). In case of consent, the processing of your data is based on the legal basis of Art. 6 para. 1 lit. a) DSGVO. If your inquiry serves to prepare the conclusion of a contract, Art. 6 (1) lit. b) DSGVO is the legal basis. In other cases, the processing is based on Art. 6 para. 1 lit. f) DSGVO (legitimate interest) to respond to your request. In principle, your data will not be passed on to third parties. In the event that we provide a contact form for interested parties on our project pages, we would like to point out that inquiries from commercial users are forwarded to a broker pool. You can find more information on this in the "Brokerage services" section of our privacy policy. The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your inquiry). Mandatory legal provisions - in particular retention periods according to the German Commercial Code (HGB) or the German Fiscal Code (AO) - remain unaffected by this.

Right to object
You may object to the future processing of the data relating to you on the basis of Art. 21 GDPR at any time. The objection may specifically be made against processing for the purpose of direct marketing.

Cookies and the right to object to direct marketing
Small files that are stored on users’ computers are referred to as “cookies”. Various details can be stored within the cookies. A cookie is primarily used for storing the details of a user (or the device on which the cookie is stored) during or also after his or her visit within online services. Temporary cookies and/or “session cookies” or “transient cookies” are those cookies, which are deleted after the user leaves an online service and closes his or her browser. For example, the content of a shopping basket in an online shop or a login status can be stored in such a cookie. Cookies are referred to as “permanent” or “persistent”, which also remain stored after closing the browser. For example, the login status can be stored, if the users visit the site again after several days. The interests of the users can also be stored in such a cookie, which are used for measuring range or for marketing purposes. Cookies are referred to as “third-party cookies”, which are offered by providers other than the Controller, who operates the online services (otherwise, if they are only the Controller’s cookies, “first-party cookies” are referred to).
We can use temporary and permanent cookies and explain this within the scope of our Privacy Policy.
If the users do not want cookies to be stored on their computer, they are requested to deactivate the relevant option in the system settings of their browser. Stored cookies can be deleted in the browser’s system settings. The exclusion of cookies can lead to functional restrictions of these online services.
A general objection to the use of cookies for online marketing purposes may be declared with many of the services, particularly in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. Furthermore, the storage of cookies may be reached by switching them off in the browser settings. Please note that in this case, all functions of the online services my no longer be usable.

Deletion of data
The data processed by us are deleted on the basis of Art. 17 and 18 GDPR or their processing can be restricted. Unless expressly stated otherwise within the scope of this Privacy Policy, the data stored with us are deleted as soon as they are no longer required for their designated purpose and the deletion is not opposed by any statutory retention duties. Insofar as the data are not deleted, because they are required for other and legally admissible purposes, their processing is restricted. I.e. the data are stored and not processed for other purposes. This applies e.g. to data, which must be retained for commercial-law or tax-law purposes.
According to the legal provisions in Germany, the retention specifically occurs for 10 years in accordance with §§ 147 Para. 1 AO [German Fiscal Code], 257 Para. 1 No. 1 and 4, Para. 4 HGB [German Commercial Code] (accounts, records, management reports, booking vouchers, trading accounts, relevant tax records, etc.) and 6 years in accordance with § 257 Para. 1 No. 2 and 3, Para. 4 HGB [German Commercial Code] (commercial letters).
According to the legal provisions in Austria, the retention specifically occurs for 7 years in accordance with § 132 Para. 1 BAO [Austrian Federal Tax Code] (accounting records, vouchers/bills, accounts, documents, business papers, schedule of income and expenses, etc.), for 22 years in relation to properties and for 10 years in the case of records in relation to electronically provided services, telecommunication, radio and television services, which are provided to non-entrepreneurs in the EU Member States and are used for the Mini-One-Stop-Shop (MOSS).

Brokerage services
We process our customers’, clients’ and interested parties’ data (uniformly referred to as “customers”) in accordance with Art. 6 Para. 1 Letter b. GDPR, in order to provide them with our contractual or pre-contractual services. The data processed during the course of this, the scope, purpose and necessity of its processing, are determined according to the underlying commission. This basically includes the related personal and master data of the customers (name, address, etc.), as well as the contact data (e-mail address, telephone, etc.), the contract data (content of the commission, fees, terms, details about the referred companies/insurers/services) and payment data (commissions, payment history, etc.). Furthermore, we can process the details about the characteristics and circumstances of persons or the items belonging to them, if this is part of the subject matter of our commission. These can be e.g. details about personal circumstances, mobile or immobile material assets.
Within the scope of our commission, it can also be necessary to process specific categories of data in accordance with Art. 9 Para. 1 GDPR, particularly details about a person’s health. For this purpose, we obtain an express consent from the customers in accordance with Art. 6 Para. 1 Letter a., Art. 7, Art. 9 Para. 2 Letter a GDPR.
Insofar as it is necessary for contractual performance or by law, we disclose or send the customers’ data within the scope of cover requests, contracts and processing of contracts, data to providers of the referred services/properties, insurers, reinsurers, pools of brokers, technical service providers, other service providers, e.g. cooperating associations, as well as financial services providers, credit institutions and capital investment companies, as well as social security agencies, tax authorities, tax advisors, legal advisors, public accountants, insurance ombudsmen and the Federal Financial Supervisory Authority (BaFin). Furthermore, we can appoint sub-contractors, such as sub-brokers. We obtain a consent from the customers, if it is necessary to do so for disclosing/sending (which can be the case e.g. with specific categories of data in accordance with Art. 9 GDPR).

The deletion of the data occurs after the statutory warranty and comparable duties have elapsed, whereby the necessity for retaining the data is reviewed every three years; ceteris paribus, the statutory retention duties apply.
In the case of statutory archiving duties, the deletion occurs after they have elapsed. Under German law, in the insurance and financial industry, advisory records are specifically subject to retention for 5 years, brokerage contract notes for 7 years and brokerage contracts for 5 years, as well as 6 years generally for records that are relevant for commercial-code purposes and 10 years for records that are relevant for tax-code purposes.

Contractual services
We process our contracting parties’ and interested parties’ data, as well as the data of other principals, customers, clients or contracting parties (uniformly referred to as “contracting parties”) in accordance with Art. 6 Para. 1 Letter b. GDPR, in order to provide them with our contractual or pre-contractual services. The data processed during the course of this, the scope, purpose and necessity of its processing, are determined according to the underlying contractual relationship.
The data to be processed include the master data of our contracting parties (e.g., names and addresses), contact data (e.g. e-mail addresses and telephone numbers), as well as contract data (e.g., services used, contract contents, contractual communication, names of contact persons) and payment data (e.g. bank account details, payment history).

As a rule, we do not process specific categories of personal data, except if these are integral parts of commissioned or contractually-compliant processing.
We process data, which are required for the substantiation and fulfillment of contractual services and refer to the necessity of its processing, provided that this is not evident to the contracting parties. Disclosure to external persons or companies will only occur, if this is necessary during the course of a contract. For the processing of the data provided to us within the scope of a commission, we act in accordance with the instructions of the clients, as well as the legal stipulations.
Within the scope of use of these online services, we store the IP address and the time of the respective user action. The storage occurs on the basis of our vested interests, as well as the interests of the users, in respect of protection from misuse and other unauthorized use. Disclosure of these data to third parties does not occur, as a general rule, except if it is required for pursuing our claims in accordance with Art. 6 Para. 1 Letter f GDPR or if a legal obligation exists to do so in accordance with Art. 6 Para. 1 Letter c GDPR.
The deletion of the data occurs, if the data are no longer required for the fulfillment of contractual or legal duties of care, as well as for handling possible warranty and comparable duties, whereby the necessity for retaining the data is reviewed every three years; ceteris paribus, the statutory retention duties apply.

Administration, financial accounting, office organization, contact administration
We process data within the scope of administrative duties, as well as the organization of our business, financial accounting and compliance with the legal duties, such as archiving. In doing so, we process the same data, which we process during the course of providing or contractual services. The processing bases are Art. 6 Para. 1 Letter c. GDPR, Art. 6 Para. 1 Letter f. GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in administration, financial accounting, office organization, archiving of data, i.e. the duties for maintaining our business activities, exercising our duties and providing our services. The deletion of data in respect of contractual services and the contractual communication corresponds to the details referred to in these processing activities.
During the course of these, we disclose or send data to the tax authority, advisors, such as tax advisors or public accountant, as well as additional fee agencies and payment service providers.
Furthermore, on the basis of our business interests, we store details about suppliers, organizers and other business partners, e.g. for the purpose of establishing contact later on. As a rule, we permanently store these data, the majority of which are company-related.

Google Analytics

1. Use Google Tag Manager

Google Tag Manager is a solution that allows marketers to manage website tags through a single interface. The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not collect any personal information. The tool triggers other tags that may themselves collect data. Google Tag Manager does not access this data. If deactivation has been made at the domain or cookie level, it will persist for all tracking tags implemented with Google Tag Manager. http://www.google.de/tagmanager/use-policy.html
Click here to be excluded from Google Tag Manager capture.

2. Google Analytics

a) Type and scope of data processing
We use the tracking tool Google Analytics. Google Analytics is a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, Tel: +353 1 543 1000, Fax: +353 1 686 5660 ("Google").

Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States. 

On behalf of the operator of this website, Google will use this information for the purpose of systematically evaluating your use of the website, compiling reports on website activity and providing other services to website operators relating to website activity and internet usage. 
If individual pages of our website are accessed, the following data is stored:

- Three bytes of the IP address of the calling system of the user (anonymized 
  IP address)
- The website accessed
- The website from which the user accessed the page of our website (referrer)
- The subpages that are called from the called page
- The time spent on the website
- Frequency of a call of a site

We use Google Analytics with IP anonymization enabled. With the IP anonymization the
IP addresses are shortened by the last octet (e.g. 192.168.79.***; so-called IP masking). 
It is no longer possible to assign the abbreviated IP address to the user's computer or terminal device.

b) Purpose and legal basis
The Google Analytics service is used to analyze the usage behavior of our Internet presence. The legal basis is Art. 6(1) lit. a) GDPR. Our legitimate interest lies in the analysis, optimisation and economic operation of our website.

c) Storage period
The stored data are deleted as soon as they are no longer needed for our recording purposes. In our case, the storage period is 12 months.

d) Right to object
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en

Learn more about the terms of use of Google Analytics:
http://www.google.com/analytics/terms/gb.html

For more information see the Google Analytics’ data practices: https://support.google.com/analytics/answer/6004245?hl=en

 

3. Social Plugins

We are currently using the following social media plug-ins: Twitter, LinkedIn. With the help of a button, personal data is transmitted to the respective plug-in provider and stored there.
The respective plug-in provider stores the data collected about you as usage profiles and uses them for purposes of advertising, market research and/or tailor-made design of its website. Such an evaluation is carried out in particular (also for non-logged-in users) for the presentation of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the formation of these user profiles, whereby you must contact the respective plug-in provider to exercise it. Through the plug-ins we offer you the opportunity to interact with the social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6(1) lit. f) GDPR.
The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged into the plug-in provider, your data collected from us will be assigned directly to your existing account with the plug-in provider. For US providers, a transmission takes place in the US.

For more information on the purpose and scope of the data collection and its processing by the plug-in provider, please refer to the privacy statements of these providers provided below. There you will also find more information about your rights and settings options for the protection of your privacy: 

• Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA
twitter.com/privacy
• LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland
www.linkedin.com/legal/privacy-policy

4. Campaign Manager (formerly DoubleClick by Google)

a) Type and scope of data processing    
We use the online marketing tool Campaign Manager from Google, a service from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, Email: support-deutschland@google.com ("Google").
Campaign Manager uses cookies to serve ads relevant to users, to improve campaign performance reports or to prevent a user from seeing the same ads more than once. 
Google uses a cookie ID to track which ads appear in which browser and can thus prevent ads from appearing more than once. In addition, Campaign Manager can use cookie IDs to capture conversions related to ad requests. This is the case, for example, when a user sees a Campaign Manager ad and later visits the advertiser's website with the same browser and buys something there. 
According to Google, Campaign Manager cookies do not contain any personally identifiable information.
Because of the marketing tools used, your browser automatically connects directly to Google's server. We have no influence on the extent and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge.

b) Purpose and legal basis    
Through the integration of Campaign Manager, Google receives the information that you have called up the relevant part of our website or clicked on an advertisement from us. 
If you are registered with a Google service, Google can assign the visit to your account. 
Even if you are not registered with Google or you have not logged in, the provider may collect and store your IP address.
The Campaign Manager (DoubleClick Floodlight) cookies used enable us to understand whether you are carrying out certain actions on our website after you have accessed one of our display/video ads on Google or another platform via Campaign Manager or clicked on it (conversion tracking). This allows us to send you targeted advertising.
The legal basis is Art. 6(1) lit. f) GDPR. Our legitimate interest lies in the analysis, optimisation and economic operation of our website.    

c) Storage period    
The stored data will be deleted as soon as they are no longer needed for our purposes.

d) Right of objection    
You can prevent cookies from being saved by setting your browser software accordingly. You can deactivate the display of personalised advertising using a browser plug-in at https://support.google.com/ads/answer/7395996?hl=en
You can also deactivate the display of personalized ads here. 
Further information can be found in Google's privacy policy: https://policies.google.com/privacy?hl=en
Privacy policy for advertising measures: https://policies.google.com/technologies/ads?hl=en

5. Google Maps

a) Type and scope of data processing
We integrate the maps of the service Google Maps. Google Maps ist a service of Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland ("Google").
This allows us to display interactive maps directly on our website and allows you to conveniently use the map function. Google will store a cookie on your device and process the following data:

• The operating system    
• Information about the browser type and version used    
• Information about your Internet service provider    
• Your IP address    
• Date and time of access    
• Websites from which you came to our website    
• Websites that you visit through our website

This occurs regardless of whether Google provides a user account that you are logged in to or whether there is no user account. If you're logged in to Google, your information will be directly associated with your account. If you do not want your profile to be associated with Google, you will need to log out.

b) Purpose and legal basis
Google stores your data as user profiles and uses them for the purposes of advertising, market research and/or the design of its website in line with requirements. 
Such evaluation is carried out in particular (even for users who are not logged in) for the purpose of providing demand-oriented advertising. The evaluation is also carried out to inform other users of the social network about your activities on our website. 
Legal basis is Art. 6(1) lit. f) GDPR. Our legitimate interest lies in the analysis, optimisation and economic operation of our internet presence.

c) Storage period    
The stored data will be deleted as soon as they are no longer needed for our purposes.

d) Right to object
You have a right of objection to the formation of these user profiles. This is to be addressed to Google.    
You can prevent the transfer of data to Google by disabling JavaScript in your browser settings. In that case, you will not be able to use Google Maps on our website.
Learn more about the Google Maps Terms of Use:     https://policies.google.com/terms?gl=DE&hl=en

Learn more about the Additional Terms of Service of Google Maps:    
www.google.com/intl/en_US/help/terms_maps.html

For more information see Google's privacy policy: https://policies.google.com/privacy?hl=en

6. Matomo

a) Type and scope of data processing
Matomo is an open source software tool for web analysis. Among other things, a web analysis tool collects data about which website you came to a website from (so-called referrer), which subpages of the website you accessed or how often and for how long you viewed a subpage. 
Matomo sets a cookie. The setting of a cookie enables us to analyse the use of our website. Each time one of the individual pages of this website is accessed, the Internet browser is automatically prompted by the Matomo component to transmit data to our server for the purpose of online analysis. As part of this technical process, we gain knowledge of your personal data, such as your IP address, which is used, among other things, to track the origin of visitors and clicks.
Personal information such as the access time, the location from which an access originated and the frequency of visits to our website are stored by means of cookies. Each time you visit our website, this personal data, including the IP address of the Internet connection you use, is transferred to our server. These personal data are stored by us and are not passed on to third parties.

We use Matomo with the "Automatically Anonymize Visitor IPs" function. This anonymization function truncates your IP address by two bytes so that it is impossible to assign it to you or to the internet connection you are using.

b) Purpose and legal basis
The purpose of the Matomo component is to analyse the flow of visitors to our website. Among other things, we use the data and information obtained to evaluate the use of this website.

c) Storage period    
The stored data are deleted as soon as they are no longer needed for our recording purposes. 

d) Right to object
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You also have the opportunity to object to the collection of data generated by Matomo and relating to the use of this website and to prevent such collection, for example by using the "Do Not Track" program.

Further information and the valid data protection regulations of Matomo can be called up under https://matomo.org/privacy/

7. Integration of YouTube videos

a) Type and scope of data processing
We have included YouTube videos in our online offering, which are stored at http://www.YouTube.com and can be played directly from our website. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, Tel: +353 1 543 1000, Fax: +353 1 686 5660 ("Google").
We use YouTube in conjunction with the privacy-enhanced mode feature to display videos to you. 
Due to the privacy-enhanced mode feature, the data explained in more detail below will only be transmitted to YouTube's server if you actually start a video.
YouTube collects your IP address, the date and time as well as the website you visited. 
This takes place regardless of whether YouTube provides a user account that you are logged in to or whether there is no user account. It also connects to Google's advertising network.
If you are logged into YouTube at the same time, YouTube assigns the connection information to your YouTube account and uses it for purposes of advertising, market research and/or tailoring its website to suit your needs.

b) Purpose and legal basis
The legal basis is Art. 6(1) lit. f) GDPR. Our legitimate interest lies in improving the quality of our internet presence.

c) Storage period    
The stored data will be deleted as soon as they are no longer needed for our purposes.

d) Right to object
YouTube permanently stores cookies on your terminal device via your Internet browser for the purpose of functionality and analysis of user behaviour. 
If you do not agree with this processing, you can prevent the storage of cookies by changing the settings in your Internet browser. 
If you wish to prevent this, you must either log out of YouTube before visiting our website or make the appropriate settings in your YouTube user account.
If you do not wish your profile to be assigned to YouTube, you must log out before activating the button.

If you do not want to receive user-based advertising, you can opt out of placing ads using Google's ad preferences.

Further information about the purpose and scope of data collection and processing by YouTube, please see Google's privacy policy. There you will also find further information about your rights and setting options to protect your privacy:
https://policies.google.com/privacy?hl=en

8. Cookiebot

We use the consent management tool "Cookiebot" to fulfill legal obligations (Art. 6 (1) (c) GDPR). The operator is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark.

Cookiebot collects log file data and consent data using JavaScript. This JavaScript enables Cookiebot to inform users about their consent to certain tags on our website and to collect, manage and document this consent.

This involves the following categories of data:

  • Anonymized IP address,
  • Date and time of consent,
  • browser information,
  • the URL of our sub-page from which you gave your consent,
  • a random and encrypted key,
  • the consent status, which serves as proof of consent.

The cookie consents given with the help of Cookiebot are stored for a period of 12 months.

The legal basis of the data processing is the fulfillment of legal obligations Art. 6 (1) (c) GDPR.

For more information, please see the privacy policy of Cookiebot at: https://www.cookiebot.com/de/privacy-policy/

Deactivate Google Analytics

9. Data protection information for videoconferencing
The following data protection information relates to the use of the Microsoft Teams video conferencing system (hereinafter: video conferencing system) at Ehret+Klein.

We would like to inform you below about the processing of personal data in connection with the use of the video conferencing system.

Person responsible
The responsible party for the processing of personal data in connection with the implementation of the event is Ehret+Klein GmbH, Gautinger Straße 1d, 82319 Starnberg (info@ehret-klein.de).

If you have any questions regarding data protection, you can also contact our data protection officer at any time by e-mail at: georg.schroeder@legaldata.law.

Purpose of processing
We use the video conferencing system to conduct telephone conferences, online meetings and/or video conferences (hereinafter: "events"). The video conferencing system is technically provided by the respective provider. 

What data is processed?
Various types of data are processed when using the video conferencing system. The scope of the data also depends on the data you provide before or during participation in the event.

The following personal data are subject to processing:

  • User details: first name, last name, phone (optional), email address, password (if "single sign-on" is not used), profile picture (optional), department (optional).
  • Meeting metadata: Topic, description (optional), attendee IP addresses, device/hardware information.
  • For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.
  • For dial-in with the telephone: information on the incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored.
  • Text, audio and video data: You may have the opportunity to use the chat, question or survey functions at an event. To this extent, the text entries you make will be processed in order to display and, if necessary, log them as part of the event. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device will be processed accordingly for the duration of the event. You can turn off or mute the camera or microphone yourself at any time.

In order to participate in an event or to enter the "meeting room", you must at least provide information about your name. The disclosure of further personal data to other participants is optional.

Scope of processing
If we want to record the event, we will inform you transparently and - if necessary - ask for consent. As a rule, there is no recording of the events. This also applies to the chat function. If you do not wish to be recorded, you can switch off or mute the camera or microphone yourself at any time via the "Microsoft Teams" applications. In addition, you have the option of leaving the online meeting.

Legal basis for data processing
Insofar as personal data is processed by Ehret+Klein employees, the legal basis for data processing is Section 26 (1) BDSG or Article 6 (1) b) DS-GVO.

Insofar as you have concluded a contract with us as an event participant, the legal basis is Art. 6 para. 1 lit. b) DSGVO (contract or preliminary contract).

Insofar as you have given your consent to the processing of your personal data, the legal basis is Art. 6 para. 1 lit. a) DSGVO. You can revoke consent at any time with effect for the future. However, the lawfulness of the processing carried out until the revocation is not affected by this.

Audio or video recordings as well as the use of functions that are not necessary for a session are only used by us on the legal basis of the consent of the data subjects pursuant to Art. 6 (1) a) DSGVO. The declaration of consent is obtained in advance and can be revoked at any time for the future.

Recipients / passing on of data
Personal data processed in connection with participation in events will not be disclosed to third parties as a matter of principle, unless they are specifically intended for disclosure.

Data processing outside the European Union
Microsoft, as the provider of the Teams video conferencing system, is partly based in the USA. Processing of personal data may therefore also take place in a third country. Microsoft has been certified under the new EU-US Privacy Framework (available at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active), so that the adequacy decision of the EU-US Privacy Framework applies to the transfer, according to which processing by Microsoft provides an adequate level of protection for the processing of personal data.

No automated decision making
Automated decision-making within the meaning of Article 22 of the GDPR is not used.

Your rights as a data subject
You have the right to obtain information about the personal data concerning you. You can contact us for information at any time. In the case of a request for information that is not made in writing, we ask for your understanding that we may require proof from you that you are the person you claim to be. Furthermore, you have a right to rectification or deletion or to restriction of processing, insofar as you are entitled to this by law.
Finally, you have a right to object to processing within the scope of the law. A right to data portability also exists within the framework of the data protection legal requirements.

Deletion of data
We delete personal data in principle when there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfill contractual services, to check and grant or defend against warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion will only be considered after expiry of the respective retention obligation.

Right of complaint to a supervisory authority
You have the right to complain about the processing of personal data by us to a supervisory authority for data protection.


Google Analytics deaktivieren