Privacy notice website (05.01.2022):
This privacy notice informs you about the processing of personal data within our website. The privacy notice applies regardless of the domains, platforms and devices used (e.g. desktop, mobile, etc.).
We inform you about the processing of your personal data and the rights to which you are entitled under the European General Data Protection Regulation (GDPR). Personal data as defined by the GDPR is any information relating to an identified or identifiable natural person (‘data subject’), e.g., name, address, e-mail, order data, vehicle data.
In our privacy notice, we use various other terms as defined by the GDPR. These include terms such as processing, restriction of processing, profiling, pseudonymisation, controller, processor, recipient, third party, consent, supervisory authority and international organisation. You can find the corresponding definitions for these terms in Article 4 of the GDPR.
Authorised representatives and Managing Directors:
Dr Peter Mrosik (Owner and CEO)
Marc Böttger (CFO)
Chairman of the Supervisory Board:
Register number: HRB 8435
VAT ID no.: DE 137.876.324
Responsible for contents as defined under § 7 of the German Telemedia Act TMG:
Who is responsible for data processing and whom can I contact?
Person responsible is:
Mülheimer Straße 26
+49 2241 9953-0
+49 2241 9953-3561
You can reach our data protection officer at:
mip Consult GmbH
Rechtsanwalt Asmus Eggert
Mülheimer Straße 26,
Telefon 0931 304 976 0
What do we process your data for (purpose of processing) and on what legal basis?
We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) for the following purposes and on the basis of the following legal grounds:
Insofar as you have given us your consent to process personal data for certain purposes, in particular for contacting you (e.g. via our contact or application form or by e-mail for processing and handling an enquiry, sending newsletters, advertising approaches by telephone or e-mail), this processing is lawful on the basis of your consent.
Consent may be withdrawn at any time. Please note that the withdrawal is only effective for the future. Processing that took place before the withdrawal is therefore not affected. The withdrawal can be sent to the above contact details or to email@example.com.
Consent, Art. 6 para. 1 sentence 1 lit. a) GDPR
When contacting us (via online contact form or e-mail), your data will be processed for the purpose of handling the contact request and its processing.
If consent is provided in the form: Art. 6 (1) sentence 1 lit. a) GDPR; if the request relates to the performance of a contract or the implementation of pre-contractual measures: Art. 6 para. sentence 1 lit. b) GDPR or generally to safeguard legitimate interests, Art. 6 para. 1 sentence 1 lit. f) GDPR.
When you visit our website for the first time, you will be asked whether you also wish to accept non-essential cookies. If you consent to the use of non-essential cookies, this will allow us to analyze the use of our website. Furthermore, we may carry out various marketing activities based on your interactions with the website, other marketing channels and other third parties, such as social networks.
To find out more about the cookies we use, including in particular how to manage and delete cookies, see the Cookies section below.
Consent, Art. 6 para. 1 sentence 1 lit. a) GDPR
Insofar as you wish to use our login area (e.g. extranet), we will process the data you collected during registration in order to provide you with specific information and services for architects and fabricators.
Consent, Art. 6 para. 1 sentence 1 lit. a) GDPR
Within the framework of our partner academy, your personal data is processed for the purpose of individual consultation regarding our seminar programme, for the handling of the registration process and for the implementation and invoicing of the seminars.
Fulfilment of a contract or implementation of pre-contractual measures: Art. 6 para. sentence 1 lit. b) GDPR
Whistleblowing: In the context of receiving and clarifying suspicions about serious violations of laws and regulations, information about suspected violations of conduct by individuals is processed.
Fulfilment of legal obligations pursuant to Art. 6 (1) lit. c GDPR) in conjunction with. Directive (EU) 2019/1937 of 23 October 2019 (so-called "EU Whistleblowing Directive") and for the implementation of internal compliance measures to detect breaches of obligations under employment contracts (Section 26 (1) sentence 1 BDSG) and to investigate criminal offences Section 26 para. 1 sentence 2 BDSG; generally to protect our legitimate interest in appropriate prevention and combating of corruption pursuant to Art. 6 para. 1 lit. f GDPR; If consent is provided in the form: Art. 6 para. 1 sentence 1 lit. a GDPR.
When you contact us (via online application procedure, contact form or e-mail) in connection with your application, we process your data in order to check your suitability for the position (or other open positions in our companies, if applicable) and to carry out the application procedure. Your application data will be screened by the HR department after receipt of your application. Suitable applications will then be forwarded internally to the department responsible for the respective open position. There a decision will be made on the further procedure. In principle, only those persons in the company have access to your data who require this for the proper conduct of our application procedure.
Establishment of an employment relationship, Section 26 BDSG and after completion of the application procedure in case of rejection to protect legitimate interests, Art. 6 para. 1 sentence 1 lit. f) GDPR (defence against claims), if applicable, if consent has been given, Art. 6 para. 1 sentence 1 lit. a) GDPR
We process your access data to protect the legitimate interests of us or of third parties. In particular, we pursue the following legitimate interests:
Within the framework of the balancing of interests for the protection of legitimate interests, Art. 6 para. 1 sentence 1 lit. f) GDPR
What sources and data do we use?
We process personal data that we receive from you while using our website and, if applicable, our business relationship.
In the case of purely informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. When you access our website, we collect the following access data, which is technically necessary for us to display our website to you and to ensure stability and security. The access data includes the IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (i.e. name of the specific website accessed), access status/HTTP status code, amount of data transferred in each case, referrer URL (previously visited page), operating system and its interface, language and version as well as type of browser software, notification of successful retrieval.
Furthermore, we receive your personal data if you contact us via online form or e-mail. Personal data here are, for example, title, first name, surname, address, e-mail address, telephone number, information as to whether you are an architect, builder, tendering body, window processor, dealer/installer, employee or other and, if applicable, the data that you optionally enter in the form and send to us as a message (hereinafter referred to as "contact data").
In the registration form for architects or processors, we also record the customer number, company, website, username and password.
In the registration form for the Partner Academy additionally title, department, function and company.
In the context of an application, we also process the documents you submit as application documents.
Who can access my data?
Within the organization, departments that need to know your data to fulfill our contractual and regulatory obligations can access your data.
In addition, processors (Art. 28 GDPR) engaged by us may also obtain access to data for the above-mentioned purposes. These are companies in the categories IT services, printing services, telecommunications, sales and marketing. If we use processors to provide our services, we take appropriate legal precautions and corresponding technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal provisions.
A transfer of data to third parties will be made only within the scope of legal requirements. We will disclose your data to third parties only if this is required, e.g. under Art. 6 Para. 1 Sentence 1 lit. b) GDPR for contractual purposes or based on legitimate interests pursuant to Art. 6 Para. 1 Sentence 1 lit. f) GDPR in the economic and effective operation of our business operations (exchange of data between the individual companies of our group structure, available at: https://www.profine-group.com/de/unternehmen/#!/internationalitaet ) or you have consented to the transfer of data (e.g. transfer of customer data to specialist companies).
In the case of purely informative use of the website, we do not pass on any data to third parties.
How long will my data be retained?
For security reasons (e.g. to clarify acts of abuse or fraud), log file information is stored for a maximum of 14 days and then deleted (see point 3 above). Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the final clarification of the respective incident.
Access data to the login area will be deleted 24 months after the last use of our systems.
As far as necessary, we process and store your personal data for the duration of our business relationship, which also includes, for example, the initiation of a contract via contact form or by e-mail.
Applicant data will be deleted after 6 months in the event of a rejection. In the event that you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted if you withdraw your consent or after 5 years at the latest. Should we fill the advertised position with you, your data will be stored in our personnel management system.
Personal data that we receive via our whistleblower system will be retained for the duration necessary to clarify and conclusively assess the whistleblowing. After completion of the investigation, the personal data will be deleted within a reasonable period of time, regularly one month, and in accordance with legal requirements. In the case of the initiation of judicial and/or disciplinary proceedings, data may be retained until the conclusion of the proceedings or the expiry of any time limits for appeal. Personal data in connection with unfounded reports will be deleted immediately.
In addition, we are subject to various storage and documentation obligations, which result, among other things, from the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention and documentation periods specified there are two to ten years.
Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to Section 195 et seq. of the German Civil Code (BGB), are usually 3 years, but in certain cases can be up to thirty years, whereby the regular limitation period is three years.
If you exercise your rights as a data subject, we will store the information provided to you in this regard until the expiry of the statutory limitation period pursuant to Section 31 para 2 no 1 OWiG, Section 41 para 1 BDSG, Article 83 para 5 lit b GDPR for 3 years. This period may be extended if the statutory limitation period is extended due to interruptions of the limitation period (e.g. in the context of inquiries by the supervisory authorities).
Are data transferred to a third country or to an international organization?
The data provided will be processed within the European Union and in the USA. For countries without an adequacy decision by the Commission according to Article 45 GDPR, as is the case with the USA, we generally agree on EU standard data protection clauses with the recipients of your data or obtain your consent for the data transfer.
Note: The protection of personal data in the USA does not correspond to the level of data protection required by the EU. In particular, there are no enforceable rights to protect your data against access by government authorities. Therefore, there is a risk that these governmental authorities can access the personal data without the data transmitter or the recipient being able to effectively prevent this.
What are my data subject rights?
In accordance with Art. 15 GDPR, you have the right of access as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data. In this case, we will provide you with the stored personal data. You also have the right to the information specified in detail in Art. 15 para 1 GDPR. However, the aforementioned right is not unlimited; the limitations of the right can be found in particular in Art. 15 para 4 GDPR.
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and to completion of incomplete personal data in accordance with Art. 16 GDPR.
You have the right to obtain the erasure of personal data concerning you without undue delay acc. Art. 17 GDPR. The right to erasure (“right to be forgotten”) is not unrestricted. In particular, erasure cannot be demanded, if we need to process your personal data further in order to perform our contract, to fulfil a legal obligation or to assert, exercise or defend legal claims. The requirements and restrictions of the right to deletion are set out in detail in Art. 17 GDPR.
You have the right, in accordance with Art. 18 GDPR, to request that the processing of your personal data be restricted if one of the conditions of Art. 18 para 1 GDPR is met. In this case, we may continue to store this data, but may process it only under strict conditions. The conditions and restrictions of the right to restrict processing are set out in detail in Art. 18 GDPR.
Pursuant to Art. 20 GDPR, you have a right to data portability. You may request to receive the personal data provided by you, which we process in an automated process on the basis of the contract existing between us or your consent, in a structured, common and machine-readable format. In addition, you may request us to transmit this data directly to another responsible party, insofar as this is technically feasible. The requirements and restrictions of the aforementioned rights in detail can be found in Art. 20 para 3 and 4 GDPR.
You can withdraw your consent to the processing of your personal data at any time. Please note that the withdrawal only takes effect for the future and does not affect the legality of the processing carried out based on the consent up to the withdrawal.
Information about your right to object according to Art. 21 GDPR
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6 para 1 lit e GDPR (data processing in the public interest) and Art. 6 para 1 lit f GDPR (data processing based on balancing of interests); this also includes profiling under these provisions within the meaning of Art. 4 No. 4 GDPR.
If you object, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves the purposes of asserting, exercising or defending legal claims.
In individual cases, we process your personal data for direct marketing purposes. You have the right to object at any time to the processing of personal data concerning you for the purposes of such marketing; this also applies to profiling insofar as it is associated with such direct marketing. If you object to the processing for direct marketing purposes, we will no longer process your personal data for such purposes.
Objections do not require a particular form and no costs are incurred, other than the transmission costs according to the basic tariffs. If possible, any objection should be addressed to the above-mentioned address or email.
The above notifications and measures requested by you will be made available to you free of charge in accordance with Art. 12 para 5 GDPR.
You have a right to complain to a data protection supervisory authority if you are of the opinion that the processing of your personal data violates the GDPR, without prejudice to any other administrative or judicial remedy.
To what extent is there automated decision-making in individual cases, including profiling?
In the context of accessing our website or in the context of contacting us by form or e-mail, we do not use any fully automated decision-making pursuant to Article 22 GDPR. Should we use these procedures in individual cases, we will inform you about this separately if this is required by law. We do not process your data automatically with the aim of evaluating certain personal aspects (profiling).
Is there an obligation for me to provide data?
Within the framework of our website, you must provide the personal data that is required for the use of our website for technical or IT security reasons. If you do not provide this data, you will not be able to use our website.
When contacting us by form or e-mail, you only need to provide the personal data that is required to process your request. Otherwise we will not be able to process your request.
Some of these cookies are essential for our website to function, while other cookies help us improve our website by giving us insight into how you use the website.
By default, we only use necessary cookies. Necessary cookies enable the core functionalities of our website. The website cannot be displayed correctly without these cookies or individual areas may not function properly. Necessary cookies can only be prevented by appropriate settings in your browser.
Click here for information about the cookies we use:
Alternatively, you can prohibit the storage of cookies individually via the settings of your browser (the help page of the browser will tell you how to set the cookie handling). You can find help on cookie management in the most common browsers at the following addresses:
- Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-loeschen-daten-von-websites-entfernen
- Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
- Google Chrome: https://support.google.com/accounts/answer/61416?hl=de
- Opera: http://www.opera.com/de/help
- Safari: https://support.apple.com/kb/PH17191?locale=de_DE&viewlocale=de_DE.
Newsletter dispatch with CleverReach
On our brand website under "News & Media" as well as within our registration form, we use the newsletter tool "Clever Reach" of CleverReach GmbH & Co KG, Schafjückenweg 2, 26180 Rastede, Germany. With the following instructions, we inform you about the registration, dispatch and evaluation procedure and inform you about your rights of objection. If you subscribe to our newsletter, you agree to receive the newsletter and the described procedures.
Newsletter content: We send newsletters, e-mails and other electronic notifications with promotional information (hereinafter "newsletter") only on the basis of the consent of the recipient or on the basis of a legal permission. If we specifically describe individual newsletters as part of the registration process, this description is decisive for the consent of a newsletter subscriber. If there is no separate description, you will receive information about our products, offers and promotions as well as information about our company in our newsletters.
Double-Opt-In: The registration for our newsletter takes place in the so-called Double-Opt-In procedure. This means that after registering for the newsletter, we will send you an e-mail in which we ask you to confirm your registration. This confirmation serves to ensure that only persons who have access to the specified e-mail address register for our newsletter. We log the registrations to the newsletter in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Changes to your data stored with the newsletter service provider are also logged.
According to its own information, the newsletter service provider uses the data in pseudonymous form, i.e. without assignment to a user, to optimise or improve its own services. However, the newsletter service provider does not use the data of our newsletter recipients to write to them itself or to pass them on to third parties.
The newsletters contain a so-called web beacon, i.e. a pixel-sized file that is retrieved from the server of the newsletter service provider when the newsletter is opened. Within the scope of this retrieval, technical information, such as information on the browser and your system, as well as your IP address and the time of the retrieval are initially collected. This information is used for the technical improvement of the services on the basis of the technical data or the target groups and your reading behaviour on the basis of their retrieval locations (which can be determined with the help of the IP address) or the access times. Statistical surveys also include determining whether newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor that of the dispatch service provider to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
The dispatch of the newsletter and the measurement of its success are based on the consent of the recipients in accordance with Art. 6 Para. 1 Sentence 1 lit. a), Art. 7 GDPR in conjunction with § 7 Para. 2 No. 3 UWG or on the basis of the legal permission in accordance with § 7 Para. 3 UWG.
The logging of the registration process takes place on the basis of our legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f) GDPR and serves as proof of consent to receive the newsletter.
You can unsubscribe from our newsletter at any time, i.e. withdraw your consent. You will find a link to cancel the newsletter at the end of each newsletter. If users have only subscribed to the newsletter and cancelled this subscription, their personal data will be deleted.
We use the web analytics tool “Google Analytics” from Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) hereinafter "Google".
Google processes the data for us in order to evaluate the use of our website by website visitors, to create reports about the activities within our website and to provide other services associated with the use of the website. In doing so, pseudonymous usage profiles of the website visitors are created from the processed data.
During your visit to the website, the following information is collected, among other things:
- pages viewed,
- the achievement of contact targets, such as contact requests or newsletter sign-ups,
- Your use of our website, for example clicks and time spent on one of our pages,
- Your approximate location (country and city),
- Your IP address (in shortened form, so that no clear assignment is possible),
- technical information such as browser, Internet provider, terminal device and screen resolution,
- via which website or advertising medium you came to us.
Google Analytics stores cookies in your browser for a period of two years since your last visit. These cookies contain a randomly generated user ID that can be used to recognise you on future visits to the website.
The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely. The IP address transmitted by your browser will not be merged with other data from Google.
We use Google Analytics with IP anonymization enabled. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
They can prevent the storage of cookies either by rejecting them in our cookie banner or by setting their browser software accordingly; users can also prevent the collection of the data generated by the cookie and the transmission to Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
We use Google Analytics Remarketing to display the ads we place with Google or its partners only to users who have also shown an interest in our website or who have certain products or services (e.g. interests in certain topics on our website), which we transmit to Google (so-called "remarketing"). With the help of remarketing, we want to ensure that our ads correspond to the interests of users and are not harassing. You can permanently object to cross-device remarketing/targeting by deactivating personalized advertising in your Google account; follow this link: https://www.google.com/settings/ads/onweb/.
Further information on data processing by Google, setting and objection options can be found on the Google website at https://policies.google.com/technologies/partner-sites.
We use the Google Ads service of Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) hereinafter "Google".
The processing of data within the scope of this service also takes place in the USA. The processing of your data in the USA is associated with corresponding risks. By giving your consent via our cookie banner, you consent to the processing of your data in the USA, despite potential access by US authorities, Art. 49 para. 1 p. 1 lit. a GDPR.
Google Ads is an internet banner advertising service that allows us to display ads in both Google search engine results and the Google advertising network. Google Ads allows us to pre-define certain keywords that will display an ad in Google's search engine results only when the user performs a keyword-relevant search. In the Google advertising network, our ads are displayed on topic-relevant websites by means of an automatic algorithm and in compliance with the keywords we have previously defined.
The purpose of our use of Google Ads is to advertise our website by displaying advertisements on the websites of third party companies and in the search engine results of Google and, if applicable, to display third-party advertisements on our website.
If you access our website via a Google ad, a so-called conversion cookie is stored on your computer by Google. A conversion cookie loses its validity after thirty days and is not used for your identification, but it is tracked whether certain subpages of our website were called. Through the conversion cookie, both we and Google can track whether you have reached our website via an ad, completed an action (e.g. a purchase) or cancelled.
The data and information collected through the use of the conversion cookie are used by Google to create visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users who were referred to us via ads. We use this information to measure the success of our ads and to optimize our ads for the future. Neither our company nor other advertisers of Google Ads receive information from Google by means of which the data subject could be identified.
Instead of using our cookie banner, you can also prevent the setting of cookies by means of an appropriate setting in your internet browser. Such a setting of the internet browser used would also prevent Google from setting a conversion cookie on your computer. In addition, a cookie already set by Google Ads can be deleted at any time via the browser. Furthermore, it is possible to object to interest-based advertising by Google. To do this, you must call up the link www.google.de/settings/ads from any of the Internet browsers you use (on any device) and make the desired settings there.
If you wish to object to interest-based advertising by Google, you can use the opt-out options provided by Google: http://www.google.com/ads/preferences.
On this website we use the offer of Google Maps of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, United States. The legal basis for the use of Google Maps is your consent Art. 6 para. 1 p. 1 lit. a) and Art. 49 para. 1 p. 1 lit. a GDPR.
This allows us to show you interactive maps directly in the website and enables you to use the map function comfortably.
Google Maps is integrated in such a way that data about you as a user is only transmitted to Google when you have activated Google Maps by clicking on it. We have no influence on the data transmission to Google that then takes place.
By visiting the website, Google receives the information that you have called up the corresponding sub-page of our website as well as the date and time of your visit to the website in question and your IP address. This takes place regardless of whether you are logged in to Google. If you are logged in, however, your data will be assigned to your account. If you do not wish to be associated with your Google profile, you must log out before activating a map.
If you are logged in to Google, Google may store your data as usage profiles and use it for the purposes of providing the services, maintaining and improving the services, measuring performance, developing new services and providing personalised services, including content and advertisements. This data processing is then governed by the usage agreement concluded between you and Google as part of your Google account.
The processing of data within the scope of this service also takes place in the USA. The information generated by the cookies about the use of our website is usually transferred to a Google server in the USA and stored there. There are corresponding risks associated with the processing of your data in the USA. By giving your consent via our cookie banner, you consent to the processing of your data in the USA, despite potential access by US authorities, Art. 49 para. 1 p. 1 lit. a GDPR.
For more information on the purpose and scope of data collection and processing by the plug-in provider, please refer to the Google privacy notice. There you will also find further information on your rights in this regard and setting options for protecting your privacy: https://www.google.com/policies/privacy/ and an opt-out from personalized advertising is possible at https://www.google.com/settings/ads/.
We use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google") on the basis of our legitimate interests. This function is primarily used to distinguish whether an input is made by a natural person or is abusive through machine and automated processing. The service includes the sending of the IP address and possibly other data required by Google for the service reCAPTCHA to Google and to prevent abuse and spam.
The use of Google reCAPTCHA may also involve the transmission of personal data to the servers of Google LLC. in the USA. There are corresponding risks associated with the processing of your data in the USA.
Further information on Google reCAPTCHA as well as Google's privacy notice can be found at: https://www.google.com/intl/de/policies/privacy/.
Integration of YouTube videos
We have integrated YouTube videos into our online offer, which are stored on http://www.YouTube.com of Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) and can be played directly from our website. The legal basis for the use of YouTube is your consent in accordance with Art. 6 (1) p. 1 lit. a) and Art. 49 (1) p. 1 lit. a GDPR.
The videos are integrated in such a way that data about you as a user is only transmitted to YouTube when you play the videos. We have no influence on the data transmission to Google that then takes place.
By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website and data on location (GPS data), IP address and devices used, including information on objects in the vicinity of your device, such as WLAN access points, radio masts and Bluetooth-enabled devices, as well as sensor data from your device (see YouTube privacy information of the provider). This is done regardless of whether you are logged in to Google or YouTube. If you are logged in, however, your data may be assigned to your account. If you do not wish to have your data associated with your YouTube profile, you must log out before activating a video. YouTube stores your data in case you are logged in as user profiles and uses them for purposes of providing the services, maintaining and improving the services, measuring performance, developing new services and providing personalized services, including content and advertisements. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.
The processing of data within the scope of this service also takes place in the USA. The information generated by the cookies about the use of our website is usually transmitted to a Google server in the USA and stored there. There are corresponding risks associated with the processing of your data in the USA. By giving your consent via our cookie banner, you consent to the processing of your data in the USA, despite potential access by US authorities, Art. 49 para. 1 p. 1 lit. a GDPR.
For more information about the purpose and scope of data collection and processing by YouTube, please see the privacy information. There you will also find further information about your rights and setting options to protect your privacy:
We use the video hosting platform of Wistia, Inc., 120 Brookline Street, Cambridge, Massachusetts, 02139 USA ("Wistia") for our videos. The legal basis for the use is your consent pursuant to Art. 6 para. 1 p. 1 lit. a) and Art. 49 para. 1 p. 1 lit. a GDPR.
The videos are integrated in such a way that data about you as a user is only transmitted when you play the videos.
By playing a video, Wistia receives information on our behalf such as IP address, geographic location, browser information, device information, and information related to the use of the Sites, Media, and Services (e.g., how much and what media was viewed by a particular user, from where particular media was viewed, listened to, or accessed by a particular user, and how often particular media was viewed, listened to, or accessed by a particular user).
The processing of data within the scope of this service also takes place in the USA. The information generated by the cookies about the use of our website is usually transmitted to a Wistia server in the USA and stored there. The processing of your data in the USA involves corresponding risks. By giving your consent via our cookie banner, you consent to the processing of your data in the USA, despite potential access by US authorities, Art. 49 para. 1 p. 1 lit. a GDPR.
Further information on the purpose and scope of data collection and processing by Wistia can be found in the Wistia privacy notice. You can find the Wistia privacy notice at https://wistia.com/privacy.
Based on your consent (via our cookie banner), we use the so-called "Facebook pixel" of the social network Facebook, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (parent company: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA).
With the help of the Facebook pixel, it is possible for Facebook to determine the visitors to our website as a target group for the display of advertisements (so-called "Facebook ads"). Accordingly, we use the Facebook pixel based on our legitimate interests in the analysis, optimization and economic operation of our website and our company in order to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our website or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited), which we transmit to Facebook (so-called "Custom Audiences"). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of users and do not have a harassing effect. With the help of the Facebook pixel, we can also track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called "conversion").
The collected data is also transferred by Facebook to the USA and other third countries. Please note that the protection of personal data in the USA and third countries does not correspond to the level of data protection required by the EU. In particular, there is a lack of enforceable rights that safeguard the protection of your data against access by government authorities. Thus, there is a risk that these governmental entities may be able to access the personal data without the data transmitter or the recipient being able to effectively prevent this. If you do not want Facebook to be able to associate your visit to this website with your Facebook user account, please log out of your Facebook user account.
The processing of the data is carried out under the joint responsibility of Facebook and us in accordance with Art 26 of the GDPR. The primary responsibility for the processing of personal data in the context of the plugins lies with Facebook and all obligations under the GDPR with regard to the processing of personal data are fulfilled by Facebook (in particular the information obligations pursuant to Article 12 et seq. GDPR, ensuring the rights of data subjects pursuant to Article 15 et seq. GDPR, notification of data breaches pursuant to Articles 33, 34 GDPR).
You can find Facebook's privacy information at https://www.facebook.com/about/privacy/.
You can opt-out of the Facebook Pixel's collection and use of your data to display Facebook Ads. To adjust which types of ads are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions there regarding the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads.
Third-party services that do not set cookies
Google Fonts (online integration)
Google Fonts, i.e. external fonts of Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland, https://www.google.com/fonts.
The integration of Google Fonts is done without a connection to a Google server. Instead of loading the fonts from the Google server, we have stored and integrated them on our own server. When loading our website, Google does not receive any information about you or the device you are using.
We use Adobe Fonts from Adobe Systems Software Ireland Ltd. 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland ("Adobe") for a visually appealing design of our website.
This service allows us to access the Adobe font library. In order for the fonts we use to be integrated, your browser must establish a connection to an Adobe server in the USA and download the required font. Adobe thereby receives the information that our website was accessed from the IP address of your device.
Our social media pages
You will find us with presences within social networks and platforms, so that we can also communicate with you there and inform you about our services.
We point out that your data may be processed outside the European Union and that the data is usually processed for market research and advertising purposes. Usage profiles can be created from the usage behaviour and resulting interests of the users. These usage profiles can in turn be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the users. For this purpose, cookies may be stored on the computers of the users, in which the usage behaviour and the interests of the users are stored. Other data may also be stored in these usage profiles, especially if the users are members of the respective platforms and are logged in to them.
We only link to our company profiles on the respective social networks on our website. However, please note that when you click on a link to the social networks, data is transmitted to their servers. If you are logged in to the respective social network at this time with your user name and password, the information that you have visited our company profile on the respective social network from our website will be transmitted there and the respective provider can store this information in your user account.
In principle, we have no significant influence on the data processing of the social networks. However, we receive statistics from the providers about the use and visits of our company profiles in the social networks (e.g. information about the number of views, interactions such as likes and comments as well as summarized demographic and other information or statistics). For more information on the data used by the providers, please see the providers' privacy notices linked below.
Insofar as we receive your personal data in the context of our social media presences (e.g. in the context of a communication), you are entitled to the rights mentioned in this privacy notice above in this respect. You can address your requests with regard to data processing within the scope of our company profiles to us via the contact data mentioned above.
If you also wish to assert rights against the provider of the social network, the easiest way to do so is to contact the respective provider directly. The provider knows both the details of the technical operation of the platform and the associated data processing as well as the specific purposes of the data processing. The contact details can be found in the privacy notice linked below. We will also be happy to support you in asserting your rights, insofar as this is possible for us.
The processing of users' personal data is generally based on your consent in accordance with Art. 6 (1) sentence 1 lit. a) GDPR. The legal basis is also Art. 6 (1) lit. b GDPR if we receive and process your data as part of a contract-related inquiry via our social media presence. The legal basis for the linking and operation of our company profiles in the social networks, including the receipt of statistics on the use of our company profiles, is Art. 6 (1) lit. f GDPR based on our legitimate interest in our corporate communication in the respective social networks.
For information on the respective processing and the respective objection options, we refer to the privacy notice of the providers linked below:
- Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland), Facebook pages based on a personal data sharing agreement - privacy information: https://www.facebook.com/about/privacy/ , opt-out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com,
- Google/YouTube (Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland) - privacy information: https://policies.google.com/privacy, opt-out: https://adssettings.google.com/authenticated,.
- Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) - Privacy Information/ Opt-Out: http://instagram.com/about/legal/privacy/ .
- Twitter (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 IRELAND) - Privacy Information: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization
- LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) - Privacy Information https://www.linkedin.com/legal/privacy-policy , Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out,
- Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) - Privacy Information/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung .
- Vimeo (Vimeo, Inc. 555 West 18th Street, New York, New York 10011, Privacy@vimeo.com - Privacy Information (https://vimeo.com/privacy).
In the case of assertion of data subject rights, we recommend that these are asserted with the providers, as the providers have direct access to the data. However, if you would like our support, please feel free to contact us using the contact details above.
Compliance with laws and internal regulations is a top priority for profine. Against this background, we have supplemented our compliance system with a whistleblower system. Employees, business partners, but also third parties have the possibility to anonymously report irregular behavior at any time.
We use the whistleblowing system "INVENSITY" of Invensity GmbH, Mainzer Straße 19, 65185 Wiesbaden. Within the framework of our whistleblowing procedure, tips can be given anonymously. In order to submit a report via our whistleblower portal, it is sufficient if you provide information about the location, the time and the circumstances of the reportable circumstance in the description of the facts. The transmission of your report will be encrypted and, according to information provided by Invensity, in pseudonymous form, i.e. without attribution to a user, with your metadata removed. However, you may voluntarily disclose personal data about yourself as part of the reporting process. If you do not disclose any personal data, the case handlers have no possibility to establish a personal reference to you.
In order to receive and clarify serious cases of suspected breaches of rules at profine, the following data may (optionally) be processed within the framework of the whistleblower system: Details of the accused person (e.g. surname, first name, position and employment details), details of the alleged breaches of conduct. We ask reporting individuals to refrain from providing sensitive information about the accused unless it is necessary to describe their concerns. However, we cannot exclude the receipt and thus the processing of personal data of the special category as defined in Art. 9 of the GDPR.
profine GmbH will only process your data to the extent permitted by an applicable legal provision. The establishment of the whistleblower portal serves the fulfilment of our legal obligations pursuant to Art. 6 (1) lit. c GDPR in conjunction with Directive (EU) 2019/1937. Directive (EU) 2019/1937. Furthermore, we base the processing of personal data on our legitimate interest in adequately preventing and combating corruption pursuant to Art. 6 (1) lit. f GDPR. By submitting the reporting form, the persons providing the information declare their consent to any data processing that may concern them (Art. 6 (1) a GDPR).